build(security): correct scan path for CodeQL

2025-12-18 05:41:31 +00:00 · 2024-02-14 00:02:05 +08:00
parent 6b34901d94
commit 79c65b3e44
2 changed files with 5 additions and 2 deletions
--- a/.github/codeql/codeql-config.yml
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,2 @@
+paths-ignore:
+  - "assets/js"
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -2,9 +2,9 @@ name: "CodeQL"

 on:
  push:
-    paths: ["_javascript/**.js"]
+    paths: ["_javascript/**/*.js"]
  pull_request:
-    paths: ["_javascript/**.js"]
+    paths: ["_javascript/**/*.js"]

 jobs:
  analyze:
@@ -30,6 +30,7 @@ jobs:
        uses: github/codeql-action/init@v3
        with:
          languages: "${{ matrix.language }}"
+          config-file: .github/codeql/codeql-config.yml

      # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)