Summary
I was testing the CodeQL Exercise, and the expected output in Step 2: Detect Vulnerabilities in a Pull Request was not similar
Instead, CodeQL check passed and only Copilot was able to detect the vulnerability
Is this a feature intended because the vulnerability did not hit the threshold to block CodeQL from passing?
Also is this something I can contribute to?
How to reproduce
- Follow Step 2: Detect Vulnerabilities in Pull Request
- Observe CodeQL passing check and Copilot capturing vulnerability
Please include screenshots.
Additional context
Referenced to Pull Request:
Chinzillla/skills-introduction-to-codeql#2
Summary
I was testing the CodeQL Exercise, and the expected output in Step 2: Detect Vulnerabilities in a Pull Request was not similar
Instead, CodeQL check passed and only Copilot was able to detect the vulnerability
Is this a feature intended because the vulnerability did not hit the threshold to block CodeQL from passing?
Also is this something I can contribute to?
How to reproduce
Please include screenshots.
Additional context
Referenced to Pull Request:
Chinzillla/skills-introduction-to-codeql#2