
"Only the top 5,000 results will be included, prioritized by severity." does not describe actual deployed behavior #38085

Open
@jsoref

Description

What article on docs.github.com is affected?

https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#validating-your-sarif-file

What part(s) of the article would you like to see updated?

The table says:

| SARIF data | Maximum values | Data truncation limits |
| --- | --- | --- |
| Results per run | 25,000 | Only the top 5,000 results will be included, prioritized by severity. |

The current implementation doesn't appear to do that.

Either the text should be updated to say something else (my guess is that it's the top 5,000 results per severity), or the implementation should be changed to match the documentation (which would probably make more sense than the current behavior).

Additional information

https://github.com/check-spelling-sandbox/cert-manager/security


check-spelling is reporting warnings. Check the status page for help.

https://github.com/check-spelling-sandbox/cert-manager/security/code-scanning/tools/check-spelling/status/configurations/actions-FZTWS5DIOVRC653POJVWM3DPO5ZS643QMVWGY2LOM4XHS3LM/e511b5682fa14795a6796791aeed75c7a0b4745efbf2807c37c878e23539b510


Status
1 warning

Analysis SARIF file exceeded alert limits
View workflow run
An analysis file contained 5421 results which is more than our limit of 5000. Only 5000 were stored, the additional ones were ignored.

Learn more about limits in SARIF uploads.

^ This is the link to the page in question

https://github.com/check-spelling-sandbox/cert-manager/security/code-scanning?query=is%3Aopen+branch%3Aspell-check-with-spelling+tool%3Acheck-spelling


https://github.com/check-spelling-sandbox/cert-manager/security/code-scanning?query=is%3Aopen+branch%3Aspell-check-with-spelling+tool%3Acheck-spelling+severity%3Anote%2Cwarning


https://github.com/check-spelling-sandbox/cert-manager/security/code-scanning?query=is%3Aopen+branch%3Aspell-check-with-spelling+tool%3Acheck-spelling+severity%3Aerror


https://ghsecuritylab.slack.com/archives/CQUMTHL1M/p1746543939781819
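Added example, not code from the issue author or from GitHub's upload service: a client-side pre-upload step that applies the rule as the documentation states it (keep the top N results, prioritized by severity) so that error-level findings are never the ones dropped, whatever the server does once the file exceeds its limit. It assumes the SARIF `level` values `error`, `warning`, `note` and `none`, treats a missing `level` as `warning` (the SARIF default), ignores rule-level `security-severity` properties, and uses a constructed result distribution that adds up to the 5421 results shown on the status page above. The `truncate_first_n` function is included only to show what a naive "first 5000 in file order" cut would discard.

```python
import json
import sys
from collections import Counter

# Severity ranking used for prioritisation, highest severity first. This is the
# example's own assumption about what "prioritized by severity" should mean for
# plain SARIF levels; GitHub's rule-level security-severity is ignored here.
LEVEL_RANK = {"error": 0, "warning": 1, "note": 2, "none": 3}

DEFAULT_LIMIT = 5000  # the stored-results limit quoted in the status message


def result_level(result):
    """SARIF default: a result without an explicit level is a warning."""
    return result.get("level", "warning")


def truncate_by_severity(results, limit):
    """Keep the `limit` most severe results; sorted() is stable, so file order
    is preserved within each severity level."""
    if len(results) <= limit:
        return list(results)
    ranked = sorted(results, key=lambda r: LEVEL_RANK.get(result_level(r), 3))
    return ranked[:limit]


def truncate_first_n(results, limit):
    """Naive cut in file order, for comparison only."""
    return list(results[:limit])


def truncate_sarif(sarif, limit=DEFAULT_LIMIT):
    """Truncate every run in place and return a per-tool summary."""
    summary = {}
    for run in sarif.get("runs", []):
        results = run.get("results", [])
        kept = truncate_by_severity(results, limit)
        run["results"] = kept
        tool = run.get("tool", {}).get("driver", {}).get("name", "unknown")
        summary[tool] = {
            "before": len(results),
            "after": len(kept),
            "levels": dict(Counter(result_level(r) for r in kept)),
        }
    return summary


def build_sample_sarif(n_notes, n_warnings, n_errors):
    """Constructed sample input: notes first, errors last, mimicking a tool that
    emits findings in file order rather than by severity."""
    results = []
    for i in range(n_notes):
        results.append({"ruleId": "note-rule", "level": "note",
                        "message": {"text": f"note {i}"}})
    for i in range(n_warnings):
        results.append({"ruleId": "warning-rule", "level": "warning",
                        "message": {"text": f"warning {i}"}})
    for i in range(n_errors):
        results.append({"ruleId": "error-rule", "level": "error",
                        "message": {"text": f"error {i}"}})
    return {"version": "2.1.0",
            "runs": [{"tool": {"driver": {"name": "example-tool"}},
                      "results": results}]}


if __name__ == "__main__":
    # Usage: python truncate_sarif.py in.sarif out.sarif  (file names are placeholders)
    if len(sys.argv) == 3:
        with open(sys.argv[1], encoding="utf-8") as fh:
            doc = json.load(fh)
        report = truncate_sarif(doc)
        with open(sys.argv[2], "w", encoding="utf-8") as fh:
            json.dump(doc, fh)
        print(json.dumps(report, indent=2))
    else:
        # Constructed distribution: 3000 notes + 2000 warnings + 421 errors = 5421
        doc = build_sample_sarif(3000, 2000, 421)
        results = doc["runs"][0]["results"]
        naive = truncate_first_n(results, DEFAULT_LIMIT)
        print("first-5000 cut keeps errors:", Counter(map(result_level, naive)).get("error", 0))
        print(json.dumps(truncate_sarif(doc), indent=2))
```

With the constructed 5421-result file, the naive cut keeps 0 of the 421 errors, while the severity-ordered cut keeps all 421 errors and all 2000 warnings and drops only 421 of the notes. Running this before `upload-sarif` keeps the outcome independent of whether the server truncates by severity or by position.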

Metadata

Assignees: No one assigned

Labels:
- code security: Content related to code security
- content: This issue or pull request belongs to the Docs Content team
- needs SME: This proposal needs review from a subject matter expert
