From e7db3386ed11943a35943d0f236605c4e122c362 Mon Sep 17 00:00:00 2001 From: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> Date: Mon, 21 Dec 2020 20:55:42 +0530 Subject: [PATCH] chore: update CodeQL Scanning (#40511) --- .github/workflows/codeql-analysis.yml | 32 ++++----------------------- 1 file changed, 4 insertions(+), 28 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a374fa8136..1d50728e43 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,45 +7,21 @@ on: - cron: '0 20 * * 5' jobs: - CodeQL-Build: - name: Scan + CodeQL: + name: CodeQL Scan runs-on: ubuntu-18.04 - + # Do not run the Workflow on dependabot + if: github.actor != 'dependabot[bot]' steps: - name: Checkout Source Files uses: actions/checkout@v2 with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v1 - # Override language selection by uncommenting this and choosing your languages with: languages: javascript - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - # - name: Autobuild - # uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1