Примечание.
GitHub Code Quality в настоящее время находится в public preview и может быть изменен. Во время public preview, Code Quality не будут оплачиваться, хотя Code Quality сканирование займет GitHub Actions минут.
CodeQL-powered analysis
Code Quality uses CodeQL to perform rule-based analysis of pull requests and your default branch.
-
Findings for your default branch appear under the "Стандартные выводы" dashboard under your repository's Security tab.
-
Findings on pull requests appear as comments made by
github-code-quality[бот].
Автофикс второго пилота suggestions are provided for findings where possible.
Query lists for supported languages
Each Code Quality rule is written as a query in CodeQL and then run using GitHub Actions.
The rules are continually refined by both GitHub and open source developers.
- C# CodeQL queries for Code Quality
- Go CodeQL queries for Code Quality
- Java CodeQL queries for Code Quality
- JavaScript CodeQL queries for Code Quality
- Python CodeQL queries for Code Quality
- Ruby CodeQL queries for Code Quality
For more information about the CodeQL project, see https://codeql.github.com/.
Workflow used for code quality analysis
You can see all the workflow runs for Code Quality on the Actions tab for your repository. The dynamic workflow is called "Качество кода".
By default, the Качество кода workflow runs on standard GitHub runners but you can configure Code Quality to use runners with a specific label. These may be hosted by GitHub or self-hosted.
If your organization has configured caching of private registries, these will be available for code quality analysis to use to resolve dependencies.
For more information, see:
Pull request status checks
When code quality analysis runs on a pull request, the "CodeQL - Качество кода / Analyze" check is shown in the "Checks" section at the bottom of the pull request.
Any code problems identified by the scan are reported in comments on the pull request. The comment is made by the github-code-quality[бот] and includes a Автофикс второго пилота suggestion.
Status check failures
The workflow failed to run. For example, your budget for actions minutes is exhausted. See Viewing logs to diagnose failures.
Merging is blocked: Code quality findings were detected
The scan found problems in the code that exceed the quality gate set by a code quality branch rule for the repository. You need to resolve these problems before you can merge the pull request. See Устранение блокировки в запросе на вытягивание.