-
-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: CodeQLの問題を修正 #169
ci: CodeQLの問題を修正 #169
Conversation
Codecov Report
@@ Coverage Diff @@
## main #169 +/- ##
=======================================
Coverage 48.06% 48.06%
=======================================
Files 35 35
Lines 749 749
Branches 123 123
=======================================
Hits 360 360
Misses 272 272
Partials 117 117
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report at Codecov.
|
🎉 This PR is included in version 1.12.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Issue: No Issue
Type of Change:
CIの修正
Cause of the Problem (問題の原因)
CodeQL CIで以下の警告が報告されていた:
これについて github/codeql-action#283 ・ Code Securityに関するGitHub Docs を見てみると GitHub Actions の設定ファイル(
workflows/
配下) でパスの除外(paths-ignore)を行うのはベストプラクティスではないことがわかったDealing with Problems (問題への対処)
github/codeql-action#283 を見ると codeql-action では独自の設定ファイルがあり、それを
jobs.steps.with.config-file
にパスとして渡してあげることで対処Details of implementation (実施内容)
on.push.paths-ignore
とon.pull_request.paths-ignore
を削除codeql-config.yml
) を追加-
src/
配下にあるファイルに対して実行されるように- Markdownの変更には実行されないように