Troubleshooting CodeQL Errors

Question

CodeQL has reported errors or warnings when scanning my application. How do I resolve these errors?

Answer

CodeQL may report a number of different error messages. Common error messages are listed here, along with pointers to other technical notes that provide information on how to resolve those issues. Please see the page on How to view errors reported by CodeQL for details on viewing error messages.

Error codes are sorted by the location where the errors are reported by CodeQL:

  • Tool health status, or
  • Result of running the CodeQL workflow

Error Codes

Please note that the following is not a complete list of error messages and will be expanded as more become known:

| Error Code Location | Error Message | Notes |
|---|---|---|
| Tool Health | Code Scanning results may be out of date [...] | This may be the result of an old scan or an old scanning configuration that may no longer be in use. Either a new scan must be performed or an old configuration must be deleted. This error may affect the results of the scan. |
| Tool Health | CodeQL exited with errors [...] | This error may affect the results of the scan. Fix the CodeQL error. Other errors may also be present to help diagnose the problem. |
| Tool Health | Could not process some files due to syntax errors [...] | This error may affect the results of the scan. |
| Tool Health | Could not process Kotlin files without a build [...] | The Kotlin files are not being built as part of the scan. The scanning process must be updated to build the files. This may require enabling autobuild or manual build modes. Please see the CodeQL documentation for more information. This error may affect the results of the scan. |
| Tool Health | [#] duplicate classes filtered out [...] | This error may affect the results of the scan. |
| Tool Health | Low Java analysis quality [...] | CodeQL is scanning the Java code without building it, which may reduce the quality of the results. This may be resolved by building the code as part of the scan. Please see the CodeQL documentation for more information. This error may affect the results of the scan. |
| Tool Health | No code scanning results [...] | This error may affect the results of the scan. No code scanning results were produced. Any errors that were identified must be resolved so a scan can be produced. |
| Tool Health | No supported build command succeeded [...] | This error may affect the results of the scan. CodeQL must be able to build the application to scan it and was not able to build it. A custom build command may need to be specified. |
| Workflow | Unexpected input(s) 'paths' [...] | Please see the CodeQL documentation for more information about specifying directories to scan. Note that the paths directive belongs in either a configuration file or the config section of the workflow file. |
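
The two supported placements of the paths directive, shown as an added example that is not part of the original note. It assumes the error comes from a `paths` key placed directly under `with:` of the `github/codeql-action/init` step; the action version tags, the `src` directory, and the configuration file location are placeholders.

```yaml
# Constructed workflow excerpt; directory names and file paths are placeholders.
#
# Rejected form: 'paths' is not an input of the init action, so the
# workflow run reports "Unexpected input(s) 'paths'".
#
#   - uses: github/codeql-action/init@v3
#     with:
#       languages: java-kotlin
#       paths: src

# Option 1: put the directive in the inline config section of the workflow file.
steps:
  - uses: actions/checkout@v4
  - uses: github/codeql-action/init@v3
    with:
      languages: java-kotlin
      config: |
        paths:
          - src
  - uses: github/codeql-action/analyze@v3

---
# Option 2: reference a separate configuration file from the workflow.
steps:
  - uses: actions/checkout@v4
  - uses: github/codeql-action/init@v3
    with:
      languages: java-kotlin
      config-file: ./.github/codeql/codeql-config.yml
  - uses: github/codeql-action/analyze@v3

---
# Contents of .github/codeql/codeql-config.yml (placeholder location).
name: "Example CodeQL configuration"
paths:
  - src
```

Use one option or the other, not both, so the scan has a single source for its path settings.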

Additional Notes

Some error messages may be the result of issues in the CodeQL tool. Confirmed issues are posted in this technical note.

If you are having trouble resolving a warning or error message, contact OIT.

References

  • See referenced technical notes