Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Missing files in Files scanned #15608

Unanswered
MattPlum asked this question in Q&A
Feb 13, 2024 · 1 comments · 3 replies
Discussion options

How can I get this number to 100%? I am running the default codeql.yaml file on a repo, with the addition of 'debug: true' parameter. I see the files that are missing in the exported CSV, but how can I add those to the scan?

image

I found this page:
https://docs.github.com/en/code-security/code-scanning/troubleshooting-code-scanning/fewer-lines-scanned-than-expected

but is there a way to manually add these files to the .yaml file in order to scan them?
You must be logged in to vote

Replies: 1 comment 3 replies

Comment options

I assume you're using the autobuilder at the moment? If so, does the build it kicks off touch all the C# source you're interested in?

If it does, then there may be a problem with creating the CodeQL database and we should investigate further. On the other hand if there is C# source present that is not touched by that build, you could improve the coverage by replacing the autobuilder with a manual build command (or more than one) that builds all the source files you want to cover.
You must be logged in to vote
3 replies
Comment options

Hi thanks for the response. It sees the 30 files, but only scans 13 of them, so it doesnt touch all the code im interested in. I replaced the autobuilder with a manual build command:

- if: matrix.language == 'csharp'
 name: Build Csharp
 run: dotnet build "App.sln"

But it produces the same result of only scanning 13/30 files.

Is there a way to manually enter these files? I know the file names but just not sure how to force codeql to scan them
Comment options

It seems likely there is an issue with database creation in that case. Are you able to share an example CodeQL database, or if the codebase is too sensitive for that, to reproduce the problem with dummy / shareable code?
Comment options

Its alright, decided its not worth all the trouble to scan the missing files. Thanks for the help though
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants

AltStyle によって変換されたページ (->オリジナル) /