5 Commits

Author SHA1 Message Date
Konrad Pabjan
c1a6d8f06a
Update codeql-analysis.yml (#197) 2023-01-04 17:21:01 -05:00
Brian Cristante
46a6d6f216
Don't trigger CodeQL on Dependabot push 2021-06-16 16:01:04 -04:00
Robin Neatherway
a6ff13d56d Add on: pull_request trigger to CodeQL workflow
From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.

Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.

See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
2021-01-13 11:19:52 +00:00
Josh Gross
1e32d64f05
Add paths ignore for md files 2020-05-11 09:48:46 -04:00
Josh Gross
c898b9b624
Create codeql-analysis.yml 2020-05-11 09:30:11 -04:00