From 736ee753e879d398979250d5c504c4cc3d3ceb75 Mon Sep 17 00:00:00 2001 From: devgiljong Date: Sun, 17 Nov 2024 22:02:40 +0900 Subject: [PATCH 1/4] feat: codeql configuration --- .github/codeql.yml | 10 ++++++++++ .github/workflows/codeql.yml | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 .github/codeql.yml create mode 100644 .github/workflows/codeql.yml diff --git a/.github/codeql.yml b/.github/codeql.yml new file mode 100644 index 0000000..2f55e77 --- /dev/null +++ b/.github/codeql.yml @@ -0,0 +1,10 @@ +name: 'CodeQL config' + +paths: + - src + - app +paths-ignore: + - '**/*.test.ts' + - '**/*.test.tsx' + - '**/*.stories.ts' + - '**/*.stories.tsx' \ No newline at end of file diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..e4234f9 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,36 @@ +name: 'CodeQL' + +on: + pull_request: + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ['typescript'] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + config-file: ./.github/codeql.yml + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: '/language:${{matrix.language}}' \ No newline at end of file From 443fa6974902134eea608adf15920d9fa3f6e6cc Mon Sep 17 00:00:00 2001 From: devgiljong Date: Sun, 17 Nov 2024 23:24:19 +0900 Subject: [PATCH 2/4] chore: codeql configuration --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e4234f9..fc843ef 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,7 @@ jobs: strategy: fail-fast: false matrix: - language: ['typescript'] + language: ['javascript'] steps: - name: Checkout repository From 523e2467e125c42052910a92052d83396527a703 Mon Sep 17 00:00:00 2001 From: devgiljong Date: Mon, 18 Nov 2024 10:52:44 +0900 Subject: [PATCH 3/4] fix: codeql debug --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fc843ef..ba63d7e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,7 @@ jobs: strategy: fail-fast: false matrix: - language: ['javascript'] + language: ['javascript-typescript'] steps: - name: Checkout repository From 9c2635f05a6042341ec0678b36632e881050f8bf Mon Sep 17 00:00:00 2001 From: devgiljong Date: Mon, 18 Nov 2024 10:58:10 +0900 Subject: [PATCH 4/4] fix: codeql debug --- .github/codeql.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/codeql.yml b/.github/codeql.yml index 2f55e77..24a6f88 100644 --- a/.github/codeql.yml +++ b/.github/codeql.yml @@ -1,10 +1,11 @@ name: 'CodeQL config' paths: - - src - - app + - packages/** + - apps/** paths-ignore: - '**/*.test.ts' - '**/*.test.tsx' - '**/*.stories.ts' - - '**/*.stories.tsx' \ No newline at end of file + - '**/*.stories.tsx' + - '**/node_modules/**' \ No newline at end of file