Exclude some folders from our SAST analysis
Currently, the CodeQL scanner has been analyzing the whole codebase,including folders like testsuite, or examples. Those folders are not relevant from the security standpoint, considering that they do not expose our users and customers to any risks. They are only relevant in the context of our pipelines, but never used in production. Closes #9631
This commit is contained in:
Bruno Oliveira da Silva
parent
7511725af4
commit
f2430c0994
1 changed files with 4 additions and 0 deletions
4
.github/workflows/codeql-analysis.yml
vendored
4
.github/workflows/codeql-analysis.yml
vendored
|
|
@ -11,6 +11,10 @@ on:
|
||||||
pull_request:
|
pull_request:
|
||||||
# The branches below must be a subset of the branches above
|
# The branches below must be a subset of the branches above
|
||||||
branches: [master]
|
branches: [master]
|
||||||
|
paths-ignore:
|
||||||
|
- 'testsuite/**'
|
||||||
|
- 'examples/**'
|
||||||
|
- 'quarkus/tests/**'
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '0 9 * * 2'
|
- cron: '0 9 * * 2'
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue