All results from CodeQL analysis appear under therepository’s code scanning alertstab. This section is part of theSecuritytab and provides a list of all current, fixed, and dismissed alerts found by CodeQL.
A CodeQL database is used internally during scanning but does not display results. Query packs contain rules, not results. Security advisories are for published vulnerabilities, not per-repo findings.
[: GitHub Docs – Viewing code scanning alerts, , , ]
Submit