How to clean up CodeQL tool health status

Question

The tool health status check for my repository shows statuses for tools or languages I no longer use. How do I clean up the CodeQL tool health status for my repository?

Answer

The Tool Health Status is found on the code scanning alerts page:

  • Navigate to your application’s GitHub repository and select the “Security” tab:

    Image of tab that says Security

  • On the left-hand side of the “Security overview” page will be a section showing the number of open vulnerability alerts. Select the “Code scanning” menu item to view the alerts:

    Image of vulnerability alert menu with code scanning highlighted

  • Near the top of the page is the Tool Status bar. If there’s a green “All tools are working as expected”, then there are no issues with CodeQL. However if the status is not green, (e.g., a yellow “CodeQL is reporting warnings” or a red “CodeQL is reporting errors”) more investigation is needed:

    Image of tool status bar with CodeQL is reporting errors message.

  • Click on the “Tools” button

  • Look at status of the “CodeQL” tool. There may be more than one.

    Tools sidebar listing only CodeQL.

  • Click the setup type for the tool you want to remove. In this example, we removed an old codeql.yml workflow file so we want to remove this configuration:

    Tools setup with a CodeQL and a codeql.yml setup

  • The left sidebar will now show the CodeQL one or more configurations:

    Configurations: language:java-kotlin

  • Select the configuration of this tool that you want to remove:

    Status details - workflow file not found

  • Select the three dots in the upper right hand corner and select “Delete configuration”:

    Delete configuration option

  • Finally, confirm the delete in the confirmation dialog.

If you want to delete the entire tool from this page, then delete all the configurations for the tool. Once all the configurations are deleted for a tool, the tool will no longer be reported in the tool status. It may take a few minutes before the changes propagate and it no longer shows up in the tool health check.

References