`CodeQL` default configuration for external-based forks

[pcaversaccio]

As recommended, I use the default setup for CodeQL. I also require the CI scans in my protected branches. However, whenever there is an external-fork-based PR, the scans are not run (= status is never reported). Example:

For internal-branch-based PRs it works smoothly, so it seems the default configuration doesn't work for external-fork-based PRs. Any advise on how to make this work without customising the CodeQL action yourself?

[devtobi]

This definitely needs more attention. @pcaversaccio Did you manage to build a custom workflow with the "Advanced setup" as a workaround?

[pcaversaccio]

This definitely needs more attention. @pcaversaccio Did you manage to build a custom workflow with the "Advanced setup" as a workaround?

Oh yeah, using the advanced one everywhere now; example: https://github.com/pcaversaccio/snekmate/blob/main/.github/workflows/codeql.yml