Skip to content

tools: enable CodeQL config file #58036

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

tools: enable CodeQL config file #58036

wants to merge 1 commit into from
+5 −3

Conversation

Trott
Copy link
Member

@Trott Trott commented Apr 26, 2025

A previous change designed to ignore test files in CodeQL scans had multiple problems. This fixes the CodeQL scan breakage. It adds a CodeQL config file, which allows us to ignore the test directory in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/actions

@nodejs-github-bot nodejs-github-bot added the meta Issues and PRs related to the general management of the project. label Apr 26, 2025
@Trott
tools: enable CodeQL config file
8b5bf63 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: nodejs#57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
@Trott
Copy link
Member Author

Trott commented Apr 26, 2025
edited
Loading

To test this, I pushed this change to my own fork along with a workflow_dispatch setting so I could manually start it. The results are at https://github.com/Trott/io.js/actions/runs/14681638189.

@Trott Trott requested a review from richardlau April 26, 2025 13:26
@Trott Trott added the fast-track PRs that do not need to wait for 48 hours to land. label Apr 26, 2025
@github-actions GitHub Actions
Copy link
Contributor

Fast-track has been requested by @Trott. Please 👍 to approve.

@Trott Trott added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Apr 27, 2025
@Trott Trott added commit-queue Add this label to land a pull request using GitHub Actions. and removed fast-track PRs that do not need to wait for 48 hours to land. labels Apr 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell jasnell approved these changes

@lpinca lpinca lpinca approved these changes

@cjihrig cjihrig cjihrig approved these changes

@bjohansebas bjohansebas bjohansebas approved these changes

@richardlau richardlau Awaiting requested review from richardlau

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. meta Issues and PRs related to the general management of the project.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Trott @nodejs-github-bot @jasnell @lpinca @cjihrig @bjohansebas