JS Scanner Runs Extremely Slow in CodeQL Analysis #2756
Comments
👋 @laipz8200 I'm sorry to hear you encountered this problem. It seems like the
Hi @laipz8200. Thanks for the report. As also mentioned in github/codeql#18584, this is a consequence of our recent switch to the same data flow library used by other languages. There are rare cases where this type of slowdown can occur and we're looking into ways to fix it, but for now I've added this reproduction case to our internal tracking issue. In the meantime, the best workaround I can offer is to disable the specific query, by adding this to a file called query-filters:
```yaml
- exclude:
    id: js/regex-injection
```
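An added illustration, not part of the thread and not the maintainers' own file: a workflow that passes the filter above to the CodeQL `init` action inline, under the `query-filters` key of the CodeQL configuration. It assumes the repository uses advanced setup (a workflow file you control); the workflow path, branch name, job name and action versions are assumptions.

```yaml
# .github/workflows/codeql.yml  (assumed path for an advanced-setup workflow)
name: CodeQL

on:
  push:
    branches: [main]        # assumed default branch
  pull_request:

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read          # check out the code
      security-events: write  # upload the analysis results
    steps:
      - uses: actions/checkout@v4

      - uses: github/codeql-action/init@v3
        with:
          languages: javascript-typescript
          # Inline CodeQL configuration; the same content could live in a
          # separate file referenced through the `config-file` input instead.
          config: |
            query-filters:
              # Workaround from the thread: skip the one slow query.
              # Trade-off: js/regex-injection findings are not reported
              # while this filter is in place, so remove it once the
              # slowdown is fixed upstream.
              - exclude:
                  id: js/regex-injection

      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:javascript-typescript"
```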
Thank you all very much for your responses. I tried adding the configuration file to the project, but it doesn’t seem to have solved the problem. I’m using GitHub’s default configuration—should I switch to the advanced configuration? Here is the PR I used for testing: langgenius/dify#13365
Hi,
We have observed that the JavaScript scanner in CodeQL runs extremely slowly. Below is a snippet from the logs:
more info
This task took 156 minutes to complete, leading to a total execution time of approximately 2.5 hours for our GitHub Actions workflow. This significantly impacts our CI/CD efficiency.
Expected Behavior
We expect the JavaScript scanning process to complete in a more reasonable timeframe to ensure smooth and efficient CI/CD pipelines.
Actual Behavior
The scanning process is taking an excessive amount of time, causing long delays in our GitHub Actions runs.