mirror of
https://github.com/github/codeql.git
synced 2025-12-16 08:43:11 +01:00
Code scanning config: Exclude actions test directory
These are test cases for the GitHub Actions analysis. Exclude them when running code scanning against this repo, to avoid noisy alerts. Test workflow files in this directory are safe from execution, because Actions only executes workflows that live directly in the .github/workflows top-level directory. `action.yml` files in this directory can in theory be executed as a step in a workflow; for now exclude them.
This commit is contained in:
Aditya Sharad
1
.github/codeql/codeql-config.yml
vendored
1
.github/codeql/codeql-config.yml
vendored
@@ -4,6 +4,7 @@ queries:
|
|||||||
- uses: security-and-quality
|
- uses: security-and-quality
|
||||||
|
|
||||||
paths-ignore:
|
paths-ignore:
|
||||||
|
- '/actions/ql/test'
|
||||||
- '/cpp/'
|
- '/cpp/'
|
||||||
- '/java/'
|
- '/java/'
|
||||||
- '/python/'
|
- '/python/'
|
||||||
|
|||||||
Reference in New Issue
Block a user