Posted to commits@roller.apache.org by mb...@apache.org on 2021/09/13 02:12:20 UTC
[roller] 10/10: CodeQL: don't scan JS files three times.
This is an automated email from the ASF dual-hosted git repository.
mbien pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/roller.git
commit 440ef707696bbe9f0c4d65deeff19bd3d3a9988f
Author: Michael Bien <mb...@gmail.com>
AuthorDate: Fri Aug 27 05:38:38 2021 +0200
CodeQL: don't scan JS files three times.
this requires unfortunately another config file since path settings
can't be set in the workflow config.
see https://github.com/github/codeql-action/issues/283
---
.github/codeql/codeql-config.yml | 14 ++++++++++++++
.github/workflows/codeql-analysis.yml | 10 +---------
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 0000000..7fa5e23
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,14 @@
+name: "Roller CodeQL config"
+
+# paths-ignore only influences interpreted languages according to the doc
+# don't scan JS files three times:
+# - ignore test folder and source folder
+# - target is kept to only scan what is deployed
+paths-ignore:
+ - app/target/test-classes
+ - app/src
+
+# If you wish to specify custom queries, you can do so here or in a config file.
+# By default, queries listed here will override any specified in a config file.
+# Prefix the list here with "+" to use these queries and those in the config file.
+# queries: ./path/to/local/query, your-org/your-repo/queries@main
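Review bot: With `app/src` listed under `paths-ignore` and only `app/target` left in scope, JavaScript coverage depends entirely on the Maven build having populated `app/target` before analysis runs, and any alert will point at a build-output path rather than the tracked file under `app/src` that needs the fix. Please state that dependency in the comment above `paths-ignore`, or consider ignoring the `target` copies instead so findings map to source files. Separately, the commented `queries:` block was copied from the workflow and still says "here or in a config file"; inside the config file that wording is stale, and the config-file form of `queries` is a list of `uses:` entries rather than a comma-separated string, so the example would mislead whoever uncomments it.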
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 4a7f7ba..43f56cb 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -4,11 +4,6 @@
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
name: "CodeQL"
on:
@@ -45,10 +40,7 @@ jobs:
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
- # If you wish to specify custom queries, you can do so here or in a config file.
- # By default, queries listed here will override any specified in a config file.
- # Prefix the list here with "+" to use these queries and those in the config file.
- # queries: ./path/to/local/query, your-org/your-repo/queries@main
+ config-file: ./.github/codeql/codeql-config.yml
- name: Build with Maven
run: mvn -DskipTests=true -V -ntp install
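Review bot: The new `config-file: ./.github/codeql/codeql-config.yml` line under `with:` has no comment saying why a separate file is needed; the reason (path settings can't be set in the workflow config) is recorded only in the commit message. A one-line comment above it referencing github/codeql-action issue 283 would stop a later cleanup from trying to inline the settings again. The file is also passed to every entry of `matrix.language`, while its own comment says `paths-ignore` only influences interpreted languages, so it is worth noting here that the setting is meant for the JavaScript job.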