ci: CodeQLの問題を修正

[m1sk9]

Issue: No Issue

Type of Change:

CIの修正

Cause of the Problem (問題の原因)

CodeQL CIで以下の警告が報告されていた:

1 issue was detected with this workflow: Using on.push.paths-ignore can prevent Code Scanning annotating new alerts in your pull requests.

これについて github/codeql-action#283 ・ Code Securityに関するGitHub Docs を見てみると GitHub Actions の設定ファイル(workflows/ 配下) でパスの除外(paths-ignore)を行うのはベストプラクティスではないことがわかった

Dealing with Problems (問題への対処)

github/codeql-action#283 を見ると codeql-action では独自の設定ファイルがあり、それを jobs.steps.with.config-file にパスとして渡してあげることで対処

Details of implementation (実施内容)

• GitHub Actionsの設定ファイルから on.push.paths-ignore と on.pull_request.paths-ignore を削除
• 独自の設定ファイル ( codeql-config.yml ) を追加
  　- src/ 配下にあるファイルに対して実行されるように
  　- Markdownの変更には実行されないように

[codecov-commenter]

Codecov Report

Merging #169 (f00d0dc) into main (5d45ab7) will not change coverage.
The diff coverage is n/a.

❗ Current head f00d0dc differs from pull request most recent head 64676a9. Consider uploading reports for the commit 64676a9 to get more accurate results

@@           Coverage Diff           @@
##             main     #169   +/-   ##
=======================================
  Coverage   48.06%   48.06%           
=======================================
  Files          35       35           
  Lines         749      749           
  Branches      123      123           
=======================================
  Hits          360      360           
  Misses        272      272           
  Partials      117      117           

Flag	Coverage Δ
unittests	48.06% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5d45ab7...64676a9. Read the comment docs.

[github-actions]

🎉 This PR is included in version 1.12.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀