Build Mode None Used

Question

What does the CodeQL scan issue “Build mode "none" used” mean, how can I detect it, and how can I fix it?

Answer

This scan issue indicates that CodeQL was run with build-mode set to none. Creating a CodeQL database without a build may produce less accurate results than using autobuild or manual build steps.

How to detect

Setting build mode to none is done in the CodeQL workflow file, e.g., for C#,

- name: Initialize CodeQL
  uses: github/codeql-action/init@v3
  with:
    languages: csharp
    build-mode: none

How to resolve

Avoid using build mode none for compiled languages. Specify manual build steps if autobuild fails.

References

• CodeQL code scanning for compiled languages