You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
do you have any plans to add support for custom query suites in default setup?
That is, something similar to the organization-level CodeQL model packs described in this blog post.
The text was updated successfully, but these errors were encountered:
We are working on making code scanning default setup more customizable using CodeQL packs. Custom CodeQL query packs will likely be coming up next but we don't have an exact timeframe yet.
Your feedback can help us make sure we integrate packs into code scanning in the right way. Can you say a little more about how you use custom CodeQL queries and how you would like to be able to use them in code scanning please?
We are using GHES and have a reusable workflow for code scanning to avoid duplication. In this workflow we specify queries to be run, in addition to the default queries. We also exclude some of the default queries with a custom configuration file. I find that scaling and maintaining our current setup is challenging as it requires adding a caller workflow in each repository we want to onboard. However, if we go with default setup we can only choose between the built in query suites. I understand that the configuration options in default setup is more limited than with advanced setup but being able to specify additional query packs would go a long way.
Hi,
do you have any plans to add support for custom query suites in default setup?
That is, something similar to the organization-level CodeQL model packs described in this blog post.
The text was updated successfully, but these errors were encountered: