How to clean up CodeQL tool health status
Question
The tool health status check for my repository shows statuses for tools or languages I no longer use. How do I clean up the CodeQL tool health status for my repository?
Answer
The Tool Health Status is found on the code scanning alerts page:
-
Navigate to your application’s GitHub repository and select the “Security” tab:
-
On the left-hand side of the “Security overview” page will be a section showing the number of open vulnerability alerts. Select the “Code scanning” menu item to view the alerts:
-
Near the top of the page is the Tool Status bar. If there’s a green “All tools are working as expected”, then there are no issues with CodeQL. However if the status is not green, (e.g., a yellow “CodeQL is reporting warnings” or a red “CodeQL is reporting errors”) more investigation is needed:
-
Click on the “Tools” button
-
Look at status of the “CodeQL” tool. There may be more than one.
-
Click the setup type for the tool you want to remove. In this example, we removed an old codeql.yml workflow file so we want to remove this configuration:
-
The left sidebar will now show the CodeQL one or more configurations:
-
Select the configuration of this tool that you want to remove:
-
Select the three dots in the upper right hand corner and select “Delete configuration”:
-
Finally, confirm the delete in the confirmation dialog.
If you want to delete the entire tool from this page, then delete all the configurations for the tool. Once all the configurations are deleted for a tool, the tool will no longer be reported in the tool status. It may take a few minutes before the changes propagate and it no longer shows up in the tool health check.