From 79c65b3e44a9aa33197212802c3d2eb9e038df1f Mon Sep 17 00:00:00 2001 From: Cotes Chung <11371340+cotes2020@users.noreply.github.com> Date: Wed, 14 Feb 2024 00:02:05 +0800 Subject: [PATCH] build(security): correct scan path for CodeQL --- .github/codeql/codeql-config.yml | 2 ++ .github/workflows/codeql.yml | 5 +++-- 2 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 .github/codeql/codeql-config.yml diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml new file mode 100644 index 0000000..1439beb --- /dev/null +++ b/.github/codeql/codeql-config.yml @@ -0,0 +1,2 @@ +paths-ignore: + - "assets/js" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1745fcf..b09590d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -2,9 +2,9 @@ name: "CodeQL" on: push: - paths: ["_javascript/**.js"] + paths: ["_javascript/**/*.js"] pull_request: - paths: ["_javascript/**.js"] + paths: ["_javascript/**/*.js"] jobs: analyze: @@ -30,6 +30,7 @@ jobs: uses: github/codeql-action/init@v3 with: languages: "${{ matrix.language }}" + config-file: .github/codeql/codeql-config.yml # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below)