Skip to main content

此版本的 GitHub Enterprise Server 已于以下日期停止服务 2024-03-26. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持


当 CodeQL 找不到任何源代码时,需要解决此问题以取消阻止 code scanning 分析。

If your workflow fails with Error: "No source code was seen during the build" or The process '/opt/hostedtoolcache/CodeQL/0.0.0-20200630/x64/codeql/codeql' failed with exit code 32, this indicates that CodeQL was unable to monitor your code. There are six possible reasons for this:

  1. No supported languages: The repository may not contain source code that is written in languages supported by CodeQL. Check the list of supported languages and, if this is the case, remove the CodeQL workflow. For more information, see "About code scanning with CodeQL."

  2. No analyzable code of the detected languages: Automatic language detection identified a supported language, but there is no analyzable code of that language in the repository. A typical example is when our language detection service finds a file associated with a particular programming language like a .h, or .gyp file, but no corresponding executable code is present in the repository. To solve the problem, you can manually define the languages you want to analyze by updating the list of languages in the language matrix. For example, the following configuration will analyze only Go, and JavaScript.

      fail-fast: false
        # Override automatic language detection by changing the list below.
        # Supported options are listed in a comment in the default workflow.
        language: ['go', 'javascript' ]

    For more information, see the workflow extract in "Some languages were not analyzed with CodeQL advanced setup".

  3. Compilation of a compiled language failed: Your code scanning workflow tries to compile a compiled language (C, C++, C#, Go, or Java), but the code was not compiled. By default, the CodeQL analysis workflow contains an autobuild step and CodeQL makes a best effort to detect a suitable build method and build your code. The autobuild process may not succeed in building your code, depending on your specific build environment. Compilation may also fail if you have removed the autobuild step and did not include build steps manually. For more information about defining build steps, see "CodeQL code scanning for compiled languages."

  4. Cached components not detected: Your workflow builds a compiled language (C, C++, C#, Go, or Java) to create a CodeQL database for analysis, but portions of your build are cached to improve performance (most likely to occur with build systems like Gradle or Bazel). Since CodeQL observes the activity of the compiler to understand the data flows in a repository, CodeQL requires a complete build to take place in order to perform analysis.

  5. Compilation outside init and analyze steps: Your workflow builds a compiled language (C, C++, C#, Go, or Java), but compilation does not occur between the init and analyze steps in the workflow. CodeQL requires that your build happens in between these two steps in order to observe the activity of the compiler and perform analysis.

  6. Compilation not detected by CodeQL: Your compiled code (in C, C++, C#, Go, or Java) was compiled successfully, but CodeQL was unable to detect the compiler invocations. The most common causes are:

    • Running your build process in a separate container to CodeQL. For more information, see "Running CodeQL code scanning in a container."
    • Building using a distributed build system external to GitHub Actions, using a daemon process.
    • CodeQL isn't aware of the specific compiler you are using.

If you encounter another problem with your specific compiler or configuration, contact your site administrator.

For more information about specifying build steps, see "CodeQL code scanning for compiled languages."