Skip to content
This repository was archived by the owner on Sep 9, 2022. It is now read-only.
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
79 commits
Select commit Hold shift + click to select a range
cc80a8b
Code Scanning integration - importance of consistent filepaths #7017
hharen Aug 8, 2022
c928c39
Update uploading-a-sarif-file-to-github.md
hharen Aug 8, 2022
59652e9
Improve wording about fingerprints
hharen Aug 22, 2022
88aa138
Remove comments
hharen Aug 22, 2022
774598c
Improve wording
hharen Aug 22, 2022
1b288ce
Improve wording about fingerprints
hharen Aug 22, 2022
0d90f84
Merge branch 'main' into hharen/code-scanning-consistent-file-paths-7017
hharen Aug 22, 2022
a61e452
correct casing of x-hub-signature headers
Aug 24, 2022
d6a8a7d
swap string for a variable
hharen Aug 25, 2022
dfd1041
add another early access breadcrumb exception
sarahs Aug 26, 2022
9167f44
update search indexes
actions-user Aug 27, 2022
0125c72
Merge branch 'main' into repo-sync
Octomerger Aug 27, 2022
4d12a7e
Merge pull request #20211 from github/repo-sync
Octomerger Aug 27, 2022
464df26
New translation batch for pt (#30324)
docubot Aug 27, 2022
ae95ab7
Merge branch 'main' into repo-sync
Octomerger Aug 27, 2022
e1aa2c3
Merge pull request #20219 from github/repo-sync
Octomerger Aug 27, 2022
5806b16
update search indexes
actions-user Aug 27, 2022
309db27
Merge branch 'main' into repo-sync
Octomerger Aug 27, 2022
0a7daea
Merge pull request #20220 from github/repo-sync
Octomerger Aug 27, 2022
22114a9
update search indexes
actions-user Aug 28, 2022
35d47f4
Merge branch 'main' into repo-sync
Octomerger Aug 28, 2022
e164289
Merge pull request #20233 from github/repo-sync
Octomerger Aug 28, 2022
f4e8196
update search indexes
actions-user Aug 28, 2022
c2ce980
Merge branch 'main' into repo-sync
Octomerger Aug 28, 2022
4b21abe
Merge pull request #20236 from github/repo-sync
Octomerger Aug 28, 2022
ae8b943
New translation batch for pt (#30333)
docubot Aug 28, 2022
c7bd912
New translation batch for es (#30334)
docubot Aug 28, 2022
7ff6010
update search indexes
actions-user Aug 28, 2022
4495c16
Merge pull request #20240 from github/repo-sync
Octomerger Aug 28, 2022
05f8ff5
Merge branch 'main' into repo-sync
Octomerger Aug 28, 2022
bd86fca
Merge pull request #20241 from github/repo-sync
Octomerger Aug 28, 2022
c0aed02
GH NPM Package Registry Improvements GA (#29652)
vgrl Aug 28, 2022
4d1ae57
Merge branch 'main' into repo-sync
Octomerger Aug 28, 2022
ac0db50
Merge pull request #20245 from github/repo-sync
Octomerger Aug 28, 2022
2a594d4
Make runner adding requirement for service more obvious (#20173)
codewithdev Aug 29, 2022
ed8125e
Merge pull request #30341 from github/repo-sync
Octomerger Aug 29, 2022
a2c2d3b
update search indexes
actions-user Aug 29, 2022
0432e70
Merge pull request #20247 from github/repo-sync
Octomerger Aug 29, 2022
82b734d
Merge branch 'main' into hharen/code-scanning-consistent-file-paths-7017
sophietheking Aug 29, 2022
6bb2e8f
Merge pull request #29714 from github/hharen/code-scanning-consistent…
sophietheking Aug 29, 2022
a227e9a
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
adf6122
Merge pull request #20250 from github/repo-sync
Octomerger Aug 29, 2022
089c2dd
update search indexes
actions-user Aug 29, 2022
cd8e6f8
New translation batch for cn (#30336)
docubot Aug 29, 2022
68fb490
New translation batch for ja (#30339)
docubot Aug 29, 2022
d196ca7
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
b2870d1
Merge pull request #20253 from github/repo-sync
Octomerger Aug 29, 2022
a621a23
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
dbddc00
Merge pull request #20255 from github/repo-sync
Octomerger Aug 29, 2022
2a33bcf
Enterprise bug fixes for the week of August 22, 2022 (#30308)
lecoursen Aug 29, 2022
09a40a7
Merge branch 'main' into patch-2
cmwilson21 Aug 29, 2022
06b62d0
Merge pull request #20135 from Jerry-AWS/patch-2
cmwilson21 Aug 29, 2022
c915ea1
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
bfbbce0
Merge pull request #20258 from github/repo-sync
Octomerger Aug 29, 2022
c4bc708
Merge pull request #30350 from github/repo-sync
Octomerger Aug 29, 2022
12a7506
Merge branch 'main' into early-access-product-breadcrumbs
sarahs Aug 29, 2022
4e7fa7f
Merge pull request #30304 from github/early-access-product-breadcrumbs
sarahs Aug 29, 2022
ce644a8
Merge pull request #20260 from github/repo-sync
Octomerger Aug 29, 2022
543b3ee
Unbreak for code in rest tables and remove unnecessary import (#30314)
gracepark Aug 29, 2022
d4aac00
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
11c8275
Merge pull request #20261 from github/repo-sync
Octomerger Aug 29, 2022
148257a
Make autogenerated REST examples work with JWTs (#30352)
Aug 29, 2022
7e3982d
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
368495a
Merge pull request #20264 from github/repo-sync
Octomerger Aug 29, 2022
b359fa2
update search indexes
actions-user Aug 29, 2022
775c775
Audit log streaming to a Datadog endpoint (#29346)
lecoursen Aug 29, 2022
0fee537
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
8e3498b
Merge pull request #20267 from github/repo-sync
Octomerger Aug 29, 2022
54fd2aa
New translation batch for es (#30357)
docubot Aug 29, 2022
1c29f00
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
752a72c
New translation batch for pt (#30355)
docubot Aug 29, 2022
59bcd02
Merge pull request #20268 from github/repo-sync
Octomerger Aug 29, 2022
47d38c7
New translation batch for cn (#30360)
docubot Aug 29, 2022
e728c93
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
ca8a564
Merge pull request #20271 from github/repo-sync
Octomerger Aug 29, 2022
05967a9
optionally check external URLs in rendered content (#25429)
Aug 29, 2022
fc9d6d7
Merge branch 'main' into repo-sync
Octomerger Aug 29, 2022
e8d882f
Merge pull request #20272 from github/repo-sync
Octomerger Aug 29, 2022
fc75f82
Update index.md
simontrinh0911 Aug 29, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
8 changes: 8 additions & 0 deletions .github/workflows/link-check-all.yml
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,14 @@ jobs:
# Don't care about CDN caching image URLs
DISABLE_REWRITE_ASSET_URLS: true
run: |

# Note as of Aug 2022, we *don't* check external links
# on the pages you touched in the PR. We could enable that
# but it has the added risk of false positives blocking CI.
# We are using this script for the daily/nightly checker that
# checks external links too. Once we're confident it really works
# well, we can consider enabling it here on every content PR too.

./script/rendered-content-link-checker.js \
--language en \
--max 100 \
Expand Down
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
8 changes: 2 additions & 6 deletions components/lib/get-rest-code-samples.ts
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ export function getShellExample(operation: Operation, codeSample: CodeSample) {

const args = [
operation.verb !== 'get' && `-X ${operation.verb.toUpperCase()}`,
`-H "Accept: ${defaultAcceptHeader}" \\ \n -H "Authorization: token <TOKEN>"`,
`-H "Accept: ${defaultAcceptHeader}" \\ \n -H "Authorization: Bearer <YOUR-TOKEN>"`,
`${operation.serverUrl}${requestPath}`,
requestBodyParams,
].filter(Boolean)
Expand Down Expand Up @@ -141,11 +141,7 @@ export function getJSExample(operation: Operation, codeSample: CodeSample) {
}
}
const comment = `// Octokit.js\n// https://github.com/octokit/core.js#readme\n`
const require = `const octokit = new Octokit(${stringify(
{ auth: 'personal-access-token123' },
null,
2
)})\n\n`
const require = `const octokit = new Octokit(${stringify({ auth: 'YOUR-TOKEN' }, null, 2)})\n\n`

return `${comment}${require}await octokit.request('${operation.verb.toUpperCase()} ${
operation.requestPath
Expand Down
2 changes: 1 addition & 1 deletion components/rest/RestOperation.module.scss
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,6 @@
table-layout: fixed !important;
}

.codeBlock code {
.codeBlock code:not(td *) {
word-break: break-all;
}
1 change: 0 additions & 1 deletion components/ui/MiniTocs/MiniTocs.tsx
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
import React from 'react'
import { Heading, NavList } from '@primer/react'
import cx from 'classnames'

Expand Down
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
---
title: Managing subscriptions and notifications on GitHub
intro: 'You can specify how to receive notifications, the repositories you are interested in, and the types of activity you want to hear about.'
redirect_from:
- /categories/76/articles
- /categories/notifications
- /categories/receiving-notifications-about-activity-on-github
- /github/managing-subscriptions-and-notifications-on-github
versions:
title: Managing subscriptions and notifications on GitHub
intro: 'You can specify how to receive notifications, the repositories you are interested in, and the types of activity you want to hear about.'
redirect_from:
- /categories/76/articles
- /categories/notifications
- /categories/receiving-notifications-about-activity-on-github
- /github/managing-subscriptions-and-notifications-on-github
versions:
fpt: '*'
ghes: '*'
ghae: '*'
Expand All @@ -19,4 +19,3 @@ children:
- /managing-subscriptions-for-activity-on-github
shortTitle: Subscriptions & notifications
---

Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,24 @@ shortTitle: Run runner app on startup

{% capture service_first_step %}1. Stop the self-hosted runner application if it is currently running.{% endcapture %}
{% capture service_non_windows_intro_shell %}On the runner machine, open a shell in the directory where you installed the self-hosted runner application. Use the commands below to install and manage the self-hosted runner service.{% endcapture %}
{% capture service_nonwindows_intro %}You must add a runner to {% data variables.product.product_name %} before you can configure the self-hosted runner application as a service. For more information, see "[Adding self-hosted runners](/github/automating-your-workflow-with-github-actions/adding-self-hosted-runners)."{% endcapture %}
{% capture service_win_name %}actions.runner.*{% endcapture %}

{% capture service_nonwindows_intro %}

{% note %}

**Note:** You must add a runner to {% data variables.product.product_name %} before you can configure the self-hosted runner application as a service.
For more information, see "[Adding self-hosted runners](/github/automating-your-workflow-with-github-actions/adding-self-hosted-runners)."

{% endnote %}
{% endcapture %}

{% capture service_win_name %}actions.runner.*{% endcapture %}

{% linux %}

{{ service_nonwindows_intro }}

For Linux systems that use `systemd`, you can use the `svc.sh` script distributed with the self-hosted runner application to install and manage using the application as a service.
For Linux systems that use `systemd`, you can use the `svc.sh` script that is created after successfully adding the runner to install and manage using the application as a service.

{{ service_non_windows_intro_shell }}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -98,9 +98,9 @@ Each time you create a new release, you can trigger a workflow to publish your p

### Configuring the destination repository

If you don't provide the `repository` key in your *package.json* file, then {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the `name` field of the *package.json* file. For example, a package named `@my-org/test` is published to the `my-org/test` {% data variables.product.prodname_dotcom %} repository.
Linking your package to {% data variables.product.prodname_registry %} using the `repository` key is optional. If you choose not to provide the `repository` key in your *package.json* file, then {% data variables.product.prodname_registry %} publishes a package in the {% data variables.product.prodname_dotcom %} repository you specify in the `name` field of the *package.json* file. For example, a package named `@my-org/test` is published to the `my-org/test` {% data variables.product.prodname_dotcom %} repository. If the `url` specified in the `repository` key is invalid, your package may still be published however it won't be linked to the repository source as intended.

However, if you do provide the `repository` key, then the repository in that key is used as the destination npm registry for {% data variables.product.prodname_registry %}. For example, publishing the below *package.json* results in a package named `my-amazing-package` published to the `octocat/my-other-repo` {% data variables.product.prodname_dotcom %} repository.
If you do provide the `repository` key in your *package.json* file, then the repository in that key is used as the destination npm registry for {% data variables.product.prodname_registry %}. For example, publishing the below *package.json* results in a package named `my-amazing-package` published to the `octocat/my-other-repo` {% data variables.product.prodname_dotcom %} repository. Once published, only the repository source is updated, and the package doesn't inherit any permissions from the destination repository.

```json
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,8 @@ You set up the audit log stream on {% data variables.product.product_name %} by

- [Amazon S3](#setting-up-streaming-to-amazon-s3)
- [Azure Blob Storage](#setting-up-streaming-to-azure-blob-storage)
- [Azure Event Hubs](#setting-up-streaming-to-azure-event-hubs)
- [Azure Event Hubs](#setting-up-streaming-to-azure-event-hubs){% ifversion streaming-datadog %}
- [Datadog](#setting-up-streaming-to-datadog){% endif %}
- [Google Cloud Storage](#setting-up-streaming-to-google-cloud-storage)
- [Splunk](#setting-up-streaming-to-splunk)

Expand All @@ -60,7 +61,7 @@ You can set up streaming to S3 with access keys or, to avoid storing long-lived
#### Setting up streaming to S3 with access keys
{% endif %}

To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the the AWS documentation. Make sure to block public access to the bucket to protect your audit log information.
To stream audit logs to Amazon's S3 endpoint, you must have a bucket and access keys. For more information, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the AWS documentation. Make sure to block public access to the bucket to protect your audit log information.

To set up audit log streaming from {% data variables.product.prodname_dotcom %} you will need:
* The name of your Amazon S3 bucket
Expand Down Expand Up @@ -231,6 +232,32 @@ You need two pieces of information about your event hub: its instance name and t

{% data reusables.enterprise.verify-audit-log-streaming-endpoint %}

{% ifversion streaming-datadog %}
### Setting up streaming to Datadog

To set up streaming to Datadog, you must create a client token or an API key in Datadog, then configure audit log streaming in {% data variables.product.product_name %} using the token for authentication. You do not need to create a bucket or other storage container in Datadog.

After you set up streaming to Datadog, you can see your audit log data by filtering by "github.audit.streaming." For more information, see [Log Management](https://docs.datadoghq.com/logs/).

1. If you don't already have a Datadog account, create one.
1. In Datadog, generate a client token or an API key, then click **Copy key**. For more information, see [API and Application Keys](https://docs.datadoghq.com/account_management/api-app-keys/) in Datadog Docs.
{% data reusables.enterprise.navigate-to-log-streaming-tab %}
1. Select the **Configure stream** dropdown menu and click **Datadog**.

![Screenshot of the "Configure stream" dropdown menu with "Datadog" highlighted](/assets/images/help/enterprises/audit-stream-choice-datadog.png)
1. Under "Token", paste the token you copied earlier.

![Screenshot of the "Token" field](/assets/images/help/enterprises/audit-stream-datadog-token.png)
1. Select the "Site" dropdown menu and click your Datadog site. To determine your Datadog site, compare your Datadog URL to the table in [Datadog sites](https://docs.datadoghq.com/getting_started/site/) in Datadog Docs.

![Screenshot of the "Site" dropdown menu](/assets/images/help/enterprises/audit-stream-datadog-site.png)
1. To verify that {% data variables.product.prodname_dotcom %} can connect and write to the Datadog endpoint, click **Check endpoint**.

![Check the endpoint](/assets/images/help/enterprises/audit-stream-check.png)
{% data reusables.enterprise.verify-audit-log-streaming-endpoint %}
1. After a few minutes, confirm that audit log data is appearing on the **Logs** tab in Datadog. If audit log data is not appearing, confirm that your token and site are correct in {% data variables.product.prodname_dotcom %}.
{% endif %}

### Setting up streaming to Google Cloud Storage

To set up streaming to Google Cloud Storage, you must create a service account in Google Cloud with the appropriate credentials and permissions, then configure audit log streaming in {% data variables.product.product_name %} using the service account's credentials for authentication.
Expand Down Expand Up @@ -292,6 +319,10 @@ To stream audit logs to Splunk's HTTP Event Collector (HEC) endpoint you must ma

Pausing the stream allows you to perform maintenance on the receiving application without losing audit data. Audit logs are stored for up to seven days on {% data variables.product.product_location %} and are then exported when you unpause the stream.

{% ifversion streaming-datadog %}
Datadog only accepts logs from up to 18 hours in the past. If you pause a stream to a Datadog endpoint for more than 18 hours, you risk losing logs that Datadog won't accept after you resume streaming.
{% endif %}

{% data reusables.enterprise.navigate-to-log-streaming-tab %}
1. Click **Pause stream**.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,8 @@ You can also configure allowed IP addresses for an individual organization. For

{% data reusables.identity-and-permissions.about-adding-ip-allow-list-entries %}

{% data reusables.identity-and-permissions.ipv6-allow-lists %}

{% data reusables.enterprise-accounts.access-enterprise %}
{% data reusables.enterprise-accounts.settings-tab %}
{% data reusables.enterprise-accounts.security-tab %}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,15 @@ If you upload a second SARIF file for a commit with the same category and from t

If you're new to SARIF and want to learn more, see Microsoft's [`SARIF tutorials`](https://github.com/microsoft/sarif-tutorials) repository.

## Preventing duplicate alerts using fingerprints
## Providing data to track {% data variables.product.prodname_code_scanning %} alerts across runs

Each time the results of a new code scan are uploaded, the results are processed and alerts are added to the repository. To prevent duplicate alerts for the same problem, {% data variables.product.prodname_code_scanning %} uses fingerprints to match results across various runs so they only appear once in the latest run for the selected branch. This makes it possible to match alerts to the right line of code when files are edited.
Each time the results of a new code scan are uploaded, the results are processed and alerts are added to the repository. To prevent duplicate alerts for the same problem, {% data variables.product.prodname_code_scanning %} uses fingerprints to match results across various runs so they only appear once in the latest run for the selected branch. This makes it possible to match alerts to the correct line of code when files are edited. The `ruleID` for a result has to be the same across analysis.

### Reporting consistent filepaths

The filepath has to be consistent across the runs to enable a computation of a stable fingerprint. If the filepaths differ for the same result, each time there is a new analysis a new alert will be created, and the old one will be closed. This will cause having multiple alerts for the same result.

### Including data for fingerprint generation

{% data variables.product.prodname_dotcom %} uses the `partialFingerprints` property in the OASIS standard to detect when two results are logically identical. For more information, see the "[partialFingerprints property](https://docs.oasis-open.org/sarif/sarif/v2.1.0/cs01/sarif-v2.1.0-cs01.html#_Toc16012611)" entry in the OASIS documentation.

Expand Down Expand Up @@ -138,7 +144,7 @@ Each `result` object contains details for one alert in the codebase. Within the
| `level`| **Optional.** The severity of the result. This level overrides the default severity defined by the rule. {% data variables.product.prodname_code_scanning_capc %} uses the level to filter results by severity on {% data variables.product.prodname_dotcom %}.
| `message.text`| **Required.** A message that describes the result. {% data variables.product.prodname_code_scanning_capc %} displays the message text as the title of the result. Only the first sentence of the message will be displayed when visible space is limited.
| `locations[]`| **Required.** The set of locations where the result was detected up to a maximum of 10. Only one location should be included unless the problem can only be corrected by making a change at every specified location. **Note:** At least one location is required for {% data variables.product.prodname_code_scanning %} to display a result. {% data variables.product.prodname_code_scanning_capc %} will use this property to decide which file to annotate with the result. Only the first value of this array is used. All other values are ignored.
| `partialFingerprints`| **Required.** A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_capc %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_capc %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Preventing duplicate alerts using fingerprints](#preventing-duplicate-alerts-using-fingerprints)." **Note:** {% data variables.product.prodname_code_scanning_capc %} only uses the `primaryLocationLineHash`.
| `partialFingerprints`| **Required.** A set of strings used to track the unique identity of the result. {% data variables.product.prodname_code_scanning_capc %} uses `partialFingerprints` to accurately identify which results are the same across commits and branches. {% data variables.product.prodname_code_scanning_capc %} will attempt to use `partialFingerprints` if they exist. If you are uploading third-party SARIF files with the `upload-action`, the action will create `partialFingerprints` for you when they are not included in the SARIF file. For more information, see "[Providing data to track code scanning alerts across runs](#providing-data-to-track-code-scanning-alerts-across-runs)." **Note:** {% data variables.product.prodname_code_scanning_capc %} only uses the `primaryLocationLineHash`.
| `codeFlows[].threadFlows[].locations[]`| **Optional.** An array of `location` objects for a `threadFlow` object, which describes the progress of a program through a thread of execution. A `codeFlow` object describes a pattern of code execution used to detect a result. If code flows are provided, {% data variables.product.prodname_code_scanning %} will expand code flows on {% data variables.product.prodname_dotcom %} for the relevant result. For more information, see the [`location` object](#location-object).
| `relatedLocations[]`| A set of locations relevant to this result. {% data variables.product.prodname_code_scanning_capc %} will link to related locations when they are embedded in the result message. For more information, see the [`location` object](#location-object).

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ For more information see the [`upload-sarif` action](https://github.com/github/c

The `upload-sarif` action can be configured to run when the `push` and `scheduled` event occur. For more information about {% data variables.product.prodname_actions %} events, see "[Events that trigger workflows](/actions/reference/events-that-trigger-workflows)."

If your SARIF file doesn't include `partialFingerprints`, the `upload-sarif` action will calculate the `partialFingerprints` field for you and attempt to prevent duplicate alerts. {% data variables.product.prodname_dotcom %} can only create `partialFingerprints` when the repository contains both the SARIF file and the source code used in the static analysis. For more information about preventing duplicate alerts, see "[About SARIF support for code scanning](/code-security/secure-coding/sarif-support-for-code-scanning#preventing-duplicate-alerts-using-fingerprints)."
If your SARIF file doesn't include `partialFingerprints`, the `upload-sarif` action will calculate the `partialFingerprints` field for you and attempt to prevent duplicate alerts. {% data variables.product.prodname_dotcom %} can only create `partialFingerprints` when the repository contains both the SARIF file and the source code used in the static analysis. For more information about preventing duplicate alerts, see "[About SARIF support for code scanning](/code-security/secure-coding/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs)."

{% data reusables.code-scanning.upload-sarif-alert-limit %}

Expand Down
Loading