Adding Ignored files should close previous alerts #1857

Open
michael-hawker opened this issue Aug 28, 2023 · 1 comment

@michael-hawker

I'm setting up a new CodeQL instance. Looking at the alerts for the PR branch, I saw I had thousands:

image

Hundreds appeared to be in generated XAML files from the platform build process (probably something they should look at later, but unrelated to our codebase directly):

image

So, I added in the config file to ignore these files:

image

However, all the alerts for these files still remained open on the next pass of the CI. Since these files are listed as ignored, it'd be nice to have them all automatically deleted/closed.

It makes it really hard to find the actual things I should be looking for. And it seems like I can only close 25 items at a time, page by page in the filtered view.

Probably going to have to close my PR and open a new PR just to get a clean list...

@aibaars
Collaborator

aibaars commented Sep 18, 2023

Unfortunately, filtering files with paths and paths-ignore has no effect for compiled languages. For compiled languages such as C#, CodeQL will analyze all files as "seen" by a compiler during the build.

The https://github.com/advanced-security/filter-sarif Action can be used to filter out any unwanted results based on file path and query (or both).
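
What path-based filtering of a SARIF file amounts to, as an added example (not code from this thread and not the filter-sarif Action's own implementation): results whose locations all match an ignore glob are dropped before the file is uploaded. The function names, rule ids and file paths below are constructed for illustration.

```python
import copy
from fnmatch import fnmatchcase

def make_result(rule_id, uri):
    """Minimal SARIF result with one physical location (constructed data)."""
    location = {"physicalLocation": {"artifactLocation": {"uri": uri}}}
    return {"ruleId": rule_id, "message": {"text": "sample"}, "locations": [location]}

# Constructed SARIF 2.1.0 log; rule ids and paths are illustrative placeholders.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "CodeQL"}},
        "results": [
            make_result("cs/sample-rule-a", "src/App/obj/Debug/MainPage.g.cs"),
            make_result("cs/sample-rule-a", "src/App/obj/Debug/XamlTypeInfo.g.cs"),
            make_result("cs/sample-rule-b", "src/App/Services/Login.cs"),
            {"ruleId": "cs/sample-rule-b", "message": {"text": "no location"}},
        ],
    }],
}

def result_uris(result):
    """Every artifact URI a result points at (empty if it has no location)."""
    uris = []
    for loc in result.get("locations", []):
        uri = loc.get("physicalLocation", {}).get("artifactLocation", {}).get("uri")
        if uri:
            uris.append(uri)
    return uris

def filter_sarif(sarif, ignore_globs):
    """Return (filtered copy, dropped count); drop only if all locations match."""
    # Results with no location are kept so nothing disappears silently.
    out, dropped = copy.deepcopy(sarif), 0
    for run in out.get("runs", []):
        kept = []
        for result in run.get("results", []):
            uris = result_uris(result)
            ignored = [u for u in uris if any(fnmatchcase(u, g) for g in ignore_globs)]
            if uris and len(ignored) == len(uris):
                dropped += 1
            else:
                kept.append(result)
        run["results"] = kept
    return out, dropped

if __name__ == "__main__":
    filtered, dropped = filter_sarif(SAMPLE_SARIF, ["*/obj/*"])
    print(dropped, [r["ruleId"] for r in filtered["runs"][0]["results"]])
```

Logging the dropped count in CI makes it visible when an ignore pattern starts hiding more results than intended.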
