codeql icon indicating copy to clipboard operation
codeql copied to clipboard
verified publisher icon github

Missing option to enable CodeQL at personal org level

Open mcandre opened this issue 1 year ago • 2 comments

The "Code security and analysis" personal org settings page lists several options for Dependabot SCA third party security scans, but lists no option for CodeQL SAST first party security scans.

This males it unnecessarily difficult for GitHub users to consistently scan all their repositories. We'd just as well assume that millions of GitHub repos are insecure, rife with SAST violations.

mcandre avatar Apr 27 '24 19:04 mcandre

Hello from GitHub Code Scanning, and thanks for getting in touch, @mcandre. The behaviour you're describing isn't what I'd expect to see on that page, so I'd like to investigate further. Please could you post a screenshot of what you're seeing on that page, and let us know the organisation name? Many thanks.

sampart avatar May 02 '24 14:05 sampart

Hi @mcandre,

It has been a while since our last correspondence. Is the issue you describe still a problem? If so could you provide a screenshot such that @sampart can further investigate?

Thanks!

rvermeulen avatar Oct 15 '24 20:10 rvermeulen

This issue is stale because it has been open 14 days with no activity. Comment or remove the Stale label in order to avoid having this issue closed in 7 days.

github-actions[bot] avatar Oct 30 '24 01:10 github-actions[bot]

This issue was closed because it has been inactive for 7 days.

github-actions[bot] avatar Nov 07 '24 01:11 github-actions[bot]