Where is the suppression file for Code Scanning commonly placed?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Where is the suppression file for Code Scanning commonly placed?

Explanation:
Code Scanning suppression rules for CodeQL are read from a specific YAML file placed in the repository. The standard location is .github/code-scanning/codeql-suppressions.yml. This path and filename are recognized by GitHub’s Code Scanning setup, so placing the suppression rules here ensures they’re applied automatically to the findings. Placing a similarly named file in the repository root or in a different folder won’t be picked up by Code Scanning, and using an alternative filename misaligns with the expected configuration layout. The exact path to use is .github/code-scanning/codeql-suppressions.yml.

