Skip to content

Github Actions Step 2: Detect Vulnerabilities not blocking CodeQL check #63

Description

@Chinzillla

Summary

I was testing the CodeQL Exercise, and the expected output in Step 2: Detect Vulnerabilities in a Pull Request was not similar

Instead, CodeQL check passed and only Copilot was able to detect the vulnerability

Is this a feature intended because the vulnerability did not hit the threshold to block CodeQL from passing?

Also is this something I can contribute to?

How to reproduce

  1. Follow Step 2: Detect Vulnerabilities in Pull Request
  2. Observe CodeQL passing check and Copilot capturing vulnerability

Please include screenshots.

Image

Additional context

Referenced to Pull Request:
Chinzillla/skills-introduction-to-codeql#2

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
✅ Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions