From 6d50e0a77b2316c184c587b62692a0c6c2af1393 Mon Sep 17 00:00:00 2001
From: federicobo
Date: Thu, 16 Nov 2023 14:07:50 +0100
Subject: [PATCH] update codeql configurations
---
 .github/workflows/codeql.yml | 9 +++++----
 .github/workflows/codeql/codeql-config.yml | 2 ++
 2 files changed, 7 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/codeql/codeql-config.yml
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 433a35b..43e9b21 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -3,10 +3,10 @@ name: "CodeQL"
 #we will launch this actions with a manual trigger, as well when a push is committed or a PR is opened on main branch
 on:
 workflow_dispatch:
- push:
- branches: ["main"]
- pull_request:
- branches: ["main"]
+ # push:
+ # branches: ["main"]
+ # pull_request:
+ # branches: ["main"]
 jobs:
 #jobs name and settings
@@ -35,6 +35,7 @@ jobs:
 - name: Initialize CodeQL
 uses: github/codeql-action/init@v2
 with:
+ config-file: ./.github/codeql/codeql-config.yml
 languages: ${{ matrix.language }}
 # Build the codebase, codeql offer an autobuild steps for most of his supported languages: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
diff --git a/.github/workflows/codeql/codeql-config.yml b/.github/workflows/codeql/codeql-config.yml
new file mode 100644
index 0000000..684d1cb
--- /dev/null
+++ b/.github/workflows/codeql/codeql-config.yml
@@ -0,0 +1,2 @@
+paths-ignore:
+ - '**/juice-shop/**/codefixes/**'
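Review bot: Commenting out the `push` and `pull_request` triggers under `on:` leaves `workflow_dispatch` as the only way this CodeQL workflow runs, so code merged to `main` is no longer scanned unless someone starts a run by hand. If the automatic triggers are disabled on purpose, a `schedule:` trigger with a weekly `cron` entry would keep the code-scanning results from going stale. The comment directly above `on:` still says the workflow also runs on push and on PRs to main; it should be updated to something like `# manual trigger only; push/PR triggers are temporarily disabled`.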
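Review bot: The `config-file` value added to the `Initialize CodeQL` step points at `./.github/codeql/codeql-config.yml`, but this same commit creates the file at `.github/workflows/codeql/codeql-config.yml`, so the two paths do not match. With the path as written the init step will presumably fail to locate the configuration, and in any case the `paths-ignore` rule from the new file will not be applied. Either move the file to `.github/codeql/` or change the line to `config-file: ./.github/workflows/codeql/codeql-config.yml`. The job that contains this step starts outside the hunk.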
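Review bot: The new `paths-ignore` entry removes every `codefixes` directory under `juice-shop` from analysis without recording why. Scan exclusions are easy to forget and easy to widen later, so the file should carry a short comment above the key stating the reason, for example `# juice-shop codefixes hold challenge snippets, excluded to avoid known findings` if that is the intent. Because the pattern starts with `**/`, it matches a `juice-shop` directory at any depth in the repository; confirm that breadth is wanted.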