Using CodeQL on a .Net/C# Application #25977
-
I enabled CodeQL on an older project that uses .Net framework. Repo is here Adding the default CodeQL workflow failed as the ‘Autobuild’ task failed. According to the docs, I should manually build the solution which is fine. I did that but then CodeQL analysis failed as it could not find any code to analyse. It is not clear where the compiled code or source should be located for this to work. Any tips on that as it is unclear where to place the files to proceed? The workflow that ran and failed that I mentioned is here cc: @jhutchings1 |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
I forked your repository and tested on my side, I can reproduce the same problems. I have created an issue ticket (github/codeql-action#98) in the repository of the CodeQL Action to report the questions to the appropriate engineering team for further investigation and evaluation. You can follow that issue ticket and add your comments on it. |
Beta Was this translation helpful? Give feedback.
-
Engineering confirmed that this behavior is related to the |
Beta Was this translation helpful? Give feedback.
Engineering confirmed that this behavior is related to the
UseSharedCompilation
flag for msbuild and dotnet build. https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning#using-net-core-2-for-builds-in-linux