Troubleshooting analysis errors
Identify and resolve errors that occur during code analysis, including build failures, incomplete scans, resource limits, and unexpected results.
Alerts found in generated code
When analyzing your code with code scanning, you may wish to build only the code which you wish to analyze.
Automatic build failed for a compiled language
If automatic build fails, you can configure code scanning to use specific build steps for compiled languages.
C# compiler unexpectedly failing
If your MSBuild C# compilation is unexpectedly failing, you may need to amend your application project file.
Cannot enable CodeQL in a private repository
GitHub Code Security must be enabled in order to use code scanning on private repositories.
Code scanning analysis takes too long
You can fine tune your code scanning configuration to minimize analysis time.
CodeQL scanned fewer lines than expected
If CodeQL analyzed less code than you expected, you may need to use a custom build command.
Enabling default setup takes too long
If you think that enabling default setup has stalled, you can restart the process.
Error: "GitHub Code Security or GitHub Advanced Security must be enabled for this repository to use code scanning"
If you see this error, make sure that GitHub Code Security is enabled.
Error: "Out of disk" or Error: "Out of memory"
If you see one of these errors with GitHub Actions, you can try alternative runners.
Error: 403 "Resource not accessible by integration"
This error may be seen on pull requests created by Dependabot and can be resolved in a couple of different ways.
Error: "is not a .ql file, .qls file, a directory, or a query pack specification"
CodeQL was unable to locate one of the queries or sets of queries that are specified for analysis.
Error: "No source code was seen during the build"
When CodeQL fails to find any source code, you need to resolve this problem to unblock code scanning analysis.
Error: "Server error"
If you see this error, it may be transient. Check the current GitHub Actions service status, and try running your workflow again.
Extraction errors in the database
You can check whether or not extraction errors affect the health of the CodeQL database created.
Logs are not detailed enough
If you'd like to increase the level of detail in your logs, try these steps.
Results are different than expected
If your code scanning results are different than you expected, you can check which configurations are active.
Some languages were not analyzed with CodeQL advanced setup
If some languages were not analyzed, you can modify your code scanning workflow to add a matrix specifying the languages you want to analyze.
Two CodeQL workflows
If you see two workflows named "CodeQL", one workflow may be a pre-existing CodeQL workflow file which has been disabled by default setup.
Unclear what triggered a workflow run
If you don't know what triggered an analysis, investigate the ツールの状態ページ or look at the log for the last scan.
Warning: "1 issue was detected with this workflow: git checkout HEAD^2 is no longer necessary"
If you see this warning, you should update your workflow to follow current best practice.
Warning: Detected X Kotlin files in your project that could not be processed without a build
CodeQL databases can be created for Java without building the code, but Kotlin files are excluded unless the code is built.