Skip to content

Latest commit

 

History

History
50 lines (38 loc) · 3 KB

default-setup-enabled.md

File metadata and controls

50 lines (38 loc) · 3 KB
Raw
title shortTitle allowTitleToDifferFromFilename intro type topics versions redirect_from
Upload was rejected because CodeQL default setup is enabled for {% data variables.product.prodname_code_scanning %}
Default setup is enabled
true
You cannot upload SARIF results generated by the {% data variables.product.prodname_codeql %} action or {% data variables.product.prodname_codeql %} CLI when default setup for {% data variables.product.prodname_code_scanning %} is enabled. Check your configuration and decide whether to keep default setup or unblock SARIF upload.
reference
Code scanning
Errors
SARIF
Troubleshooting
fpt ghes ghec
*
*
*
/code-security/code-scanning/troubleshooting-sarif/default-setup-enabled

About this error

Upload with CodeQL results rejected due to "default setup"

This error is reported if a process attempts to upload a SARIF file containing results of {% data variables.product.prodname_codeql %} analysis to a repository where {% data variables.product.prodname_codeql %} default setup is enabled. This includes uploads using the REST API and the {% data variables.product.prodname_codeql_cli %}. SARIF uploads are blocked when {% data variables.product.prodname_codeql %} default setup is enabled to reduce the potential for users to be confused by seeing similar {% data variables.product.prodname_code_scanning %} alerts generated by different systems.

You will only see this error for SARIF files that contain results created using {% data variables.product.prodname_codeql %}.

Confirming the cause of the error

{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.user-settings.security-analysis %}

  1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis," click {% octicon "kebab-horizontal" aria-label="Menu" %}.
  2. If there is a {% octicon "workflow" aria-hidden="true" %} Switch to advanced option, default setup is enabled for the repository.

Fixing the problem

Before you can fix the problem, you need to decide whether {% data variables.product.prodname_code_scanning %} alerts from {% data variables.product.prodname_codeql %} analysis in this repository should be generated using default setup or uploaded from SARIF files.

Continuing to generate alerts using default setup

  1. Leave the repository settings as they are, with default setup enabled.
  2. Disable the process or processes that tried to upload SARIF files to the repository.

Disabling default setup to unblock SARIF upload

  1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the page, next to "{% data variables.product.prodname_codeql %} analysis," from the {% octicon "kebab-horizontal" aria-label="Menu" %} menu select {% octicon "stop" aria-hidden="true" %} Disable {% data variables.product.prodname_codeql %}. {% data reusables.code-scanning.sarif-upload-retry %}