참고 항목
사이트 관리자가 먼저 code scanning을 사용하도록 설정해야 이 기능을 사용할 수 있습니다. 자세한 내용은 어플라이언스에 대한 코드 스캐닝 구성을(를) 참조하세요.
엔터프라이즈 소유자가 엔터프라이즈 수준에서 GitHub Advanced Security 정책을 설정한 경우 code scanning을 사용하거나 사용하지 않도록 설정할 수 없습니다. 자세한 내용은 엔터프라이즈에 대한 코드 보안 및 분석을 위한 정책 적용을(를) 참조하세요.
What is the 도구 상태 페이지?
The 도구 상태 페이지 shows information about all of your code scanning tools and is a good starting point for debugging problems when code scanning isn't working as expected.
참고 항목
The 도구 상태 페이지 shows tool status at the repository level for the default branch only, not at the organization level.
Tool status indicators
The 도구 상태 페이지 displays one of three statuses:
- All configurations are working: All tools are operating as expected
- Some configurations need attention: Some tools have warnings or non-critical issues
- Some configurations are not working: One or more tools have critical errors
What information is available
For all code scanning tools
- Configuration status and health
- Scan scheduling
- First and most recent scan times
- Rules used in scans
For integrated tools like CodeQL
In addition to the information listed above, the 도구 상태 페이지 for integrated tools provides the following details:
- File coverage percentages by programming language
- Configuration details for each setup type
- Specific error messages
- Downloadable CSV reports of analyzed files
- Downloadable lists of rules used and alert counts
How CodeQL defines scanned files
CodeQL reports a file as scanned if some lines of code in that file were processed.
Interpreted languages
- Default setup: Scanned files include all source code files for languages CodeQL can analyze
- Advanced setup: You can use
pathsandpaths-ignoreto define which files to scan. See CodeQL을 사용하는 코드 검사 안내.
Compiled languages
The 도구 상태 페이지 reports files present before running autobuild or manual build steps. Files generated during the build process are not shown. See 컴파일된 언어에 CodeQL 코드 스캐닝.
Coverage calculation
File coverage percentages respect any files excluded by paths and paths-ignore configuration properties.
Understanding file coverage percentages
Use file coverage percentages to debug and improve your analysis:
- High percentage: Code scanning is working as expected for that language
- Low percentage: Investigate diagnostic output. See CodeQL이 예상보다 적은 줄을 스캔했습니다.
- Zero percentage: You may have code in languages not currently being analyzed. Update your setup to include these languages. See 코드 검사를 위한 고급 설정을 사용자 지정하기
참고 항목
If you set up both advanced setup and default setup, the 도구 상태 페이지 only shows default setup.
Troubleshooting features
The 도구 상태 페이지 helps you troubleshoot issues through:
- Error messages: Explains why tools aren't performing as expected with suggested actions
- File coverage data: Shows which files and languages are being analyzed
- Configuration details: Displays information about each analysis run
- Downloadable reports: Provides CSV reports with detailed file and rule information