After running CodeQL scanning, it generated more than one thousand alerts, almost all of which are irrelevant. I removed CodeQL from GitHub Actions, but the Security tab still shows all the alerts. Is it possible to remove them? I was not able to find any information in the documentation.
You have two options:
- Delete multiple alerts at once (Here I think you can only delete 25 at a time).
- Use the gh CLI to delete the code-scanning analysis itself:
  a. Get a list of ids:
     $ gh api /repos/<org>/<name>/code-scanning/analyses | jq 'map(.id)'
  b. For each id returned:
     $ gh api \
         --method DELETE \
         -H "Accept: application/vnd.github.v3+json" \
         /repos/OWNER/REPO/code-scanning/analyses/ANALYSIS_ID
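The two steps above combined into one loop, as an added example that is not part of the original answer. It relies on the GitHub REST API marking only the most recent analysis in each set as deletable and requiring confirm_delete to remove the last analysis in a set; list_deletable and purge_analyses are hypothetical helper names, and OWNER/REPO is a placeholder.

```bash
#!/bin/sh
# Added example (not from the original answer): remove every code-scanning
# analysis in a repository by repeatedly deleting the ones GitHub allows.
# Usage after sourcing this file: purge_analyses OWNER/REPO

# Print the ids of analyses currently flagged "deletable": true.
# Only the newest analysis of each set (ref + tool + category) has the flag.
list_deletable() {
  gh api --paginate "/repos/$1/code-scanning/analyses" \
    --jq '.[] | select(.deletable) | .id'
}

# Delete deletable analyses until none remain; print how many were removed.
purge_analyses() {
  repo=$1
  deleted=0
  while :; do
    ids=$(list_deletable "$repo") || return 1
    [ -n "$ids" ] || break          # nothing left to delete
    for id in $ids; do
      # confirm_delete=true is needed once the analysis is the last in its set
      gh api --method DELETE \
        -H "Accept: application/vnd.github.v3+json" \
        "/repos/$repo/code-scanning/analyses/$id?confirm_delete=true" \
        >/dev/null || return 1
      deleted=$((deleted + 1))
    done
    # Deleting the newest analysis makes the previous one deletable,
    # so list again and continue.
  done
  echo "$deleted"
}
```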
Thank you for the answer.
I have to admit that this is very confusing. I wish there was a clear way to see and delete the analyses through the web interface.
Thanks for your feedback. I’ll pass this on to the team who maintains the code scanning UI.