Commit 65046e1

Author: Jarosław Żołnowski
build(codeql): improve code scanning configuration (#17)
- exclude .md and .txt files from analysis
- upgrade codeql to `v3` - the current version of the CodeQL (`v1`) was deprecated on January 18th, 2023, and is no longer updated or supported. For better performance, improved security, and new features, we upgrade it to v3. [More information](https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated)
- comment out the autobuild step, which is not needed with javascript-based code
- set the timeout-minutes option to 360 - the maximum number of minutes to run the step before killing the process
1 parent 8cef3b7 commit 65046e1

File tree

1 file changed

+42
-28
lines changed


.github/workflows/codeql-analysis.yml

Lines changed: 42 additions & 28 deletions
@@ -17,13 +17,22 @@ on:
1717
pull_request:
1818
# The branches below must be a subset of the branches above
1919
branches: [ master ]
20+
paths-ignore:
21+
- '**/*.md'
22+
- '**/*.txt'
2023
schedule:
2124
- cron: '22 21 * * 2'
2225

2326
jobs:
2427
analyze:
2528
name: Analyze
29+
# Runner size impacts CodeQL analysis time. To learn more, please see:
30+
# - https://gh.io/recommended-hardware-resources-for-running-codeql
31+
# - https://gh.io/supported-runners-and-hardware-resources
32+
# - https://gh.io/using-larger-runners
33+
# Consider using larger runners for possible analysis time improvements.
2634
runs-on: ubuntu-latest
35+
timeout-minutes: 360
2736
permissions:
2837
actions: read
2938
contents: read
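Review bot: the new `paths-ignore` entries (`**/*.md`, `**/*.txt`) are attached only to the `pull_request` trigger in this hunk; any `push` trigger configured above it is untouched, so documentation-only pushes to `master` will still run a full analysis. Also be aware that a PR touching only `.md`/`.txt` files will not run this workflow at all, so if the "Analyze" job is a required status check in branch protection such PRs will sit waiting on a check that never reports; either drop the filter or account for it in the protection rules. `timeout-minutes: 360` equals the GitHub-hosted runner maximum, so it changes nothing in practice but does make the ceiling explicit.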
@@ -33,39 +42,44 @@ jobs:
3342
fail-fast: false
3443
matrix:
3544
language: [ 'javascript' ]
36-
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
37-
# Learn more:
38-
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
45+
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
46+
# Use only 'java' to analyze code written in Java, Kotlin or both
47+
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
48+
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
3949

4050
steps:
41-
- name: Checkout repository
42-
uses: actions/checkout@v2
51+
- name: Checkout repository
52+
uses: actions/checkout@v3
4353

44-
# Initializes the CodeQL tools for scanning.
45-
- name: Initialize CodeQL
46-
uses: github/codeql-action/init@v1
47-
with:
48-
languages: ${{ matrix.language }}
49-
# If you wish to specify custom queries, you can do so here or in a config file.
50-
# By default, queries listed here will override any specified in a config file.
51-
# Prefix the list here with "+" to use these queries and those in the config file.
52-
# queries: ./path/to/local/query, your-org/your-repo/queries@main
54+
# Initializes the CodeQL tools for scanning.
55+
- name: Initialize CodeQL
56+
uses: github/codeql-action/init@v2
57+
with:
58+
languages: ${{ matrix.language }}
59+
# If you wish to specify custom queries, you can do so here or in a config file.
60+
# By default, queries listed here will override any specified in a config file.
61+
# Prefix the list here with "+" to use these queries and those in the config file.
5362

54-
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
55-
# If this step fails, then you should remove it and run the build manually (see below)
56-
- name: Autobuild
57-
uses: github/codeql-action/autobuild@v1
63+
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
64+
# queries: security-extended,security-and-quality
5865

59-
# i️ Command-line programs to run using the OS shell.
60-
# 📚 https://git.io/JvXDl
6166

62-
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
63-
# and modify them (or add more) to build your code if your project
64-
# uses a compiled language
67+
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
68+
# If this step fails, then you should remove it and run the build manually (see below)
69+
# - name: Autobuild
70+
# uses: github/codeql-action/autobuild@v2
6571

66-
#- run: |
67-
# make bootstrap
68-
# make release
72+
# i️ Command-line programs to run using the OS shell.
73+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
6974

70-
- name: Perform CodeQL Analysis
71-
uses: github/codeql-action/analyze@v1
75+
# If the Autobuild fails above, remove it and uncomment the following three lines.
76+
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
77+
78+
# - run: |
79+
# echo "Run, Build Application using script"
80+
# ./location_of_script_within_repo/buildscript.sh
81+
82+
- name: Perform CodeQL Analysis
83+
uses: github/codeql-action/analyze@v2
84+
with:
85+
category: "/language:${{matrix.language}}"
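Review bot: the action pins in this hunk do not match the commit message. The message says CodeQL is upgraded to `v3`, but the hunk pins `github/codeql-action/init@v2`, `github/codeql-action/autobuild@v2` and `github/codeql-action/analyze@v2` (only `actions/checkout` moves to `@v3`); either the message or the pins should be corrected before merge so it is clear which version the deprecation fix actually lands on. Minor: the new comment `# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.` is an unfinished sentence; `# Modify them (or add more) to build your code; see the example below.` would read better. Since this is a security-scanning config, also consider enabling the `queries: security-extended,security-and-quality` line that this hunk adds only as a comment.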
