Skip to content

tools: enable CodeQL config file #58036

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 28, 2025
Merged

tools: enable CodeQL config file #58036

merged 1 commit into from
Apr 28, 2025

Conversation

Trott
Copy link
Member

@Trott Trott commented Apr 26, 2025

A previous change designed to ignore test files in CodeQL scans had multiple problems. This fixes the CodeQL scan breakage. It adds a CodeQL config file, which allows us to ignore the test directory in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan

@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/actions

@nodejs-github-bot nodejs-github-bot added the meta Issues and PRs related to the general management of the project. label Apr 26, 2025
@Trott
tools: enable CodeQL config file
8b5bf63 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: nodejs#57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
@Trott
Copy link
Member Author

Trott commented Apr 26, 2025
edited
Loading

To test this, I pushed this change to my own fork along with a workflow_dispatch setting so I could manually start it. The results are at https://github.com/Trott/io.js/actions/runs/14681638189.

@Trott Trott requested a review from richardlau April 26, 2025 13:26
@Trott Trott added the fast-track PRs that do not need to wait for 48 hours to land. label Apr 26, 2025
@github-actions GitHub Actions
Copy link
Contributor

Fast-track has been requested by @Trott. Please 👍 to approve.

@Trott Trott added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Apr 27, 2025
@Trott Trott added commit-queue Add this label to land a pull request using GitHub Actions. and removed fast-track PRs that do not need to wait for 48 hours to land. labels Apr 28, 2025
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 28, 2025
@nodejs-github-bot nodejs-github-bot merged commit 067a779 into nodejs:main Apr 28, 2025
28 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 067a779

@Trott Trott deleted the codeql-config branch April 28, 2025 13:35
RafaelGSS pushed a commit that referenced this pull request May 1, 2025
@Trott @RafaelGSS
tools: enable CodeQL config file
74e6553 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@RafaelGSS RafaelGSS mentioned this pull request May 1, 2025
Merged
RafaelGSS pushed a commit that referenced this pull request May 2, 2025
@Trott @RafaelGSS
tools: enable CodeQL config file
25c17ab 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 6, 2025
@Trott @aduh95
tools: enable CodeQL config file
fde3019 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 6, 2025
@Trott @aduh95
tools: enable CodeQL config file
712028b 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
RafaelGSS pushed a commit that referenced this pull request May 14, 2025
@Trott @RafaelGSS
tools: enable CodeQL config file
c71f1be 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 16, 2025
@Trott @aduh95
tools: enable CodeQL config file
a820f5c 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 17, 2025
@Trott @aduh95
tools: enable CodeQL config file
7bf18de 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 17, 2025
@Trott @aduh95
tools: enable CodeQL config file
26dd6ac 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 17, 2025
@Trott @aduh95
tools: enable CodeQL config file
8446469 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
aduh95 pushed a commit that referenced this pull request May 18, 2025
@Trott @aduh95
tools: enable CodeQL config file
06486d0 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@github-actions github-actions bot mentioned this pull request May 19, 2025
Merged
aduh95 pushed a commit that referenced this pull request May 19, 2025
@Trott @aduh95
tools: enable CodeQL config file
2338630 
A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: #57978 (comment)
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: #58036
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@AuntyEms AuntyEms mentioned this pull request Jun 8, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell jasnell approved these changes

@lpinca lpinca lpinca approved these changes

@cjihrig cjihrig cjihrig approved these changes

@bjohansebas bjohansebas bjohansebas approved these changes

@richardlau richardlau Awaiting requested review from richardlau

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. meta Issues and PRs related to the general management of the project.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Trott @nodejs-github-bot @jasnell @lpinca @cjihrig @bjohansebas