You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md
+2-2Lines changed: 2 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -285,7 +285,7 @@ If your codebase depends on a library or framework that is not recognized by the
285
285
286
286
{% data reusables.code-scanning.beta-model-packs %}
287
287
288
-
{% ifversion codeql-threat-models-java %}
288
+
{% ifversion codeql-threat-models %}
289
289
290
290
### Using {% data variables.product.prodname_codeql %} model packs
291
291
@@ -501,7 +501,7 @@ packs:
501
501
{% endraw %}
502
502
{% endif %}
503
503
504
-
{% ifversion codeql-threat-models-java %}
504
+
{% ifversion codeql-threat-models %}
505
505
506
506
### Extending {% data variables.product.prodname_codeql %} coverage with threat models
Copy file name to clipboardExpand all lines: content/code-security/code-scanning/managing-your-code-scanning-configuration/editing-your-configuration-of-default-setup.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -15,8 +15,8 @@ topics:
15
15
16
16
After running an initial analysis of your code with default setup, you may need to make changes to your configuration to better meet your code security needs. For existing configurations of default setup, you can edit{% ifversion code-scanning-without-workflow-310 %}:
17
17
- Which languages default setup will analyze.
18
-
- {% endif %} The query suite run during analysis. For more information on the available query suites, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)."{% ifversion codeql-threat-models-java %}
19
-
- The threat models (beta) to use for analysis. Your choice of threat model determines which sources of tainted data are treated as a risk to your application. During the beta, threat models are supported only by Java analysis. For more information about threat models, see "[Including local sources of tainted data in default setup](#including-local-sources-of-tainted-data-in-default-setup)."
18
+
- {% endif %} The query suite run during analysis. For more information on the available query suites, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)."{% ifversion codeql-threat-models %}
19
+
- The threat models (beta) to use for analysis. Your choice of threat model determines which sources of tainted data are treated as a risk to your application. During the beta, threat models are supported only for analysis of {% data variables.code-scanning.code_scanning_threat_model_support %}. For more information about threat models, see "[Including local sources of tainted data in default setup](#including-local-sources-of-tainted-data-in-default-setup)."
20
20
{% endif %}
21
21
22
22
{% ifversion codeql-model-packs %}
@@ -37,7 +37,7 @@ If you need to change any other aspects of your {% data variables.product.prodna
37
37
1. In the "{% data variables.product.prodname_codeql %} analysis" row of the "{% data variables.product.prodname_code_scanning_caps %}" section, select {% octicon "kebab-horizontal" aria-label="Menu" %}, then click {% octicon "gear" aria-hidden="true" %} **View {% data variables.product.prodname_codeql %} configuration**.
38
38
1. In the "{% data variables.product.prodname_codeql %} default configuration" window, click {% octicon "pencil" aria-hidden="true" %} **Edit**.
39
39
1. Optionally, in the "Languages" section, select or deselect languages for analysis.
40
-
1. Optionally, in the "Query suite" row of the "Scan settings" section, select a different query suite to run against your code.{% ifversion codeql-threat-models-java %}
40
+
1. Optionally, in the "Query suite" row of the "Scan settings" section, select a different query suite to run against your code.{% ifversion codeql-threat-models %}
41
41
1. (Beta) Optionally, in the "Threat model" row of the "Scan settings" section, select **Remote and local sources**.
42
42
{% endif %}
43
43
1. To update your configuration, as well as run an initial analysis of your code with the new configuration, click **Save changes**. All future analyses will use your new configuration.
@@ -64,7 +64,7 @@ If you need to change any other aspects of your {% data variables.product.prodna
64
64
1. Under "{% data variables.product.prodname_code_scanning_caps %}", in the "Protection rules" section, use the drop-down menu to define which alerts should cause a check failure. Choose one level for alerts of type "Security" and one level for all other alerts.{% else %}
65
65
1. Under "{% data variables.product.prodname_code_scanning_caps %}", to the right of "Check Failure", use the drop-down menu to select the level of severity you would like to cause a pull request check failure.{% endif %}
66
66
67
-
{% ifversion codeql-threat-models-java %}
67
+
{% ifversion codeql-threat-models %}
68
68
69
69
## Including local sources of tainted data in default setup
Copy file name to clipboardExpand all lines: content/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries.md
+2-2Lines changed: 2 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -296,13 +296,13 @@ For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advan
296
296
297
297
For information about creating custom query suites, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-codeql-query-suites)."
298
298
299
-
{% ifversion codeql-cli-threat-models-java %}
299
+
{% ifversion codeql-cli-threat-models %}
300
300
301
301
### Including model packs to add potential sources of tainted data
302
302
303
303
{% data reusables.code-scanning.beta-threat-models-cli %}
304
304
305
-
You can configure threat models in a {% data variables.product.prodname_code_scanning %} analysis. For more information, see "[Customizing library models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin)" in the {% data variables.product.prodname_codeql %} documentation.
305
+
You can configure threat models in a {% data variables.product.prodname_code_scanning %} analysis. For more information, see "[Threat models for Java and Kotlin](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-java-and-kotlin/#threat-models)" and "[Threat models for C#](https://codeql.github.com/docs/codeql-language-guides/customizing-library-models-for-csharp/#threat-models)" in the {% data variables.product.prodname_codeql %} documentation.
Copy file name to clipboardExpand all lines: data/reusables/code-scanning/beta-threat-models-cli.md
+2-2Lines changed: 2 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -1,8 +1,8 @@
1
-
{% ifversion codeql-cli-threat-models-java %}
1
+
{% ifversion codeql-cli-threat-models %}
2
2
3
3
{% note %}
4
4
5
-
**Note:** Threat models are currently in beta and subject to change. During the beta, threat models are supported only by Java analysis.
5
+
**Note:** Threat models are currently in beta and subject to change. During the beta, threat models are supported only by analysis for {% data variables.code-scanning.code_scanning_threat_model_support %}.
Copy file name to clipboardExpand all lines: data/reusables/code-scanning/beta-threat-models.md
+2-2Lines changed: 2 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -1,8 +1,8 @@
1
-
{% ifversion codeql-threat-models-java %}
1
+
{% ifversion codeql-threat-models %}
2
2
3
3
{% note %}
4
4
5
-
**Note:** Threat models are currently in beta and subject to change. During the beta, threat models are supported only by Java analysis.
5
+
**Note:** Threat models are currently in beta and subject to change. During the beta, threat models are supported only by analysis for {% data variables.code-scanning.code_scanning_threat_model_support %}.
0 commit comments