
`CodeQL` default configuration for external-based forks

Open pcaversaccio opened this issue 2 years ago • 2 comments

As recommended, I use the default setup for CodeQL. I also require the CI scans in my protected branches. However, whenever there is an external-fork-based PR, the scans are not run (= status is never reported). Example:

image

For internal-branch-based PRs it works smoothly, so it seems the default configuration doesn't work for external-fork-based PRs. Any advice on how to make this work without customising the CodeQL action yourself?

pcaversaccio avatar Feb 13 '24 17:02 pcaversaccio

This definitely needs more attention. @pcaversaccio Did you manage to build a custom workflow with the "Advanced setup" as a workaround?

devtobi avatar Sep 05 '24 10:09 devtobi

> This definitely needs more attention. @pcaversaccio Did you manage to build a custom workflow with the "Advanced setup" as a workaround?

Oh yeah, using the advanced one everywhere now; example: https://github.com/pcaversaccio/snekmate/blob/main/.github/workflows/codeql.yml

pcaversaccio avatar Sep 05 '24 10:09 pcaversaccio
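A minimal "advanced setup" workflow of the kind the reply points to, written here as an added example rather than the snekmate file linked above or code from the codeql-action project; the language list (`python`) and the `main` branch name are assumptions to adapt to your repository:

```yaml
# Added example: CodeQL "advanced setup" that also runs on pull requests
# opened from external forks, so a required status check can be satisfied.
name: CodeQL

on:
  push:
    branches: [main]          # assumption: default branch is `main`
  pull_request:
    branches: [main]          # fires for fork-based PRs too, unlike default setup here
  schedule:
    - cron: "0 3 * * 1"       # weekly scan of the default branch

# Least privilege: only what init/analyze need. On fork PRs the token is
# read-only anyway; code scanning still accepts the SARIF upload for PRs.
permissions:
  contents: read
  actions: read
  security-events: write

jobs:
  analyze:
    # Keep this job name stable: it is the status check name you select
    # under branch protection -> "Require status checks to pass".
    name: CodeQL analysis
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        language: [python]     # assumption; use the languages CodeQL detects for your repo
    steps:
      - name: Checkout source
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          # Optional: widen the default query pack for more security findings
          queries: security-extended

      - name: Run analysis and upload results
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
```

Once this workflow has run at least once on the default branch, the `CodeQL analysis` check appears in the branch-protection status-check list; with a `pull_request` trigger it is then reported on external-fork PRs as well.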