build(security): correct scan path for CodeQL

This commit is contained in:
Cotes Chung 2024-02-14 00:02:05 +08:00
parent 6b34901d94
commit 79c65b3e44
No known key found for this signature in database
GPG key ID: 0D9E54843167A808
2 changed files with 5 additions and 2 deletions

2
.github/codeql/codeql-config.yml vendored Normal file
View file

@ -0,0 +1,2 @@
paths-ignore:
- "assets/js"

View file

@ -2,9 +2,9 @@ name: "CodeQL"
on: on:
push: push:
paths: ["_javascript/**.js"] paths: ["_javascript/**/*.js"]
pull_request: pull_request:
paths: ["_javascript/**.js"] paths: ["_javascript/**/*.js"]
jobs: jobs:
analyze: analyze:
@ -30,6 +30,7 @@ jobs:
uses: github/codeql-action/init@v3 uses: github/codeql-action/init@v3
with: with:
languages: "${{ matrix.language }}" languages: "${{ matrix.language }}"
config-file: .github/codeql/codeql-config.yml
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below) # If this step fails, then you should remove it and run the build manually (see below)