
Update codeql.yml with extended query pack #3694

Merged: 1 commit, Jan 31, 2024


brendankowitz commented Jan 30, 2024

Description

This pull request primarily focuses on refining the CodeQL scanning process in the .github/workflows/codeql.yml file. The changes include specifying the branches for the push trigger, ignoring certain file paths for pull requests, introducing a matrix strategy for languages, and updating the CodeQL initialization parameters.

Here are the key changes:

Changes to triggers:

  • .github/workflows/codeql.yml: The push trigger now only applies to the main branch, and the pull_request trigger now ignores changes to .md, .json, and .http files.

Introduction of matrix strategy:

Updates to CodeQL initialization:

  • .github/workflows/codeql.yml: The CodeQL initialization parameters were updated to use the language from the matrix strategy and to include specific queries and query filters.

Testing

Builds successful

FHIR Team Checklist

  • Update the title of the PR to be succinct and less than 65 characters
  • Add a milestone to the PR for the sprint that it is merged (i.e. add S47)
  • Tag the PR with the type of update: Bug, Build, Dependencies, Enhancement, New-Feature or Documentation
  • Tag the PR with Open source, Azure API for FHIR (CosmosDB or common code) or Azure Healthcare APIs (SQL or common code) to specify where this change is intended to be released.
  • Tag the PR with Schema Version backward compatible or Schema Version backward incompatible or Schema Version unchanged if this adds or updates Sql script which is/is not backward compatible with the code.
  • CI is green before merge Build Status
  • Review squash-merge requirements

Semver Change (docs)

Patch
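
A workflow with the shape the description above outlines, as an added example that is not the file from this pull request. The language list, the `security-extended` suite, the excluded query id and the action versions are assumptions, since the page does not show the diff.

```yaml
# Added illustration of the four changes the PR description lists.
# Values marked "assumed" or "placeholder" are not taken from the page.
name: CodeQL

on:
  push:
    branches: [main]              # push trigger limited to the main branch
  pull_request:
    paths-ignore:                 # PRs touching only these file types skip the scan
      - '**/*.md'
      - '**/*.json'
      - '**/*.http'

permissions:
  contents: read
  security-events: write          # needed to upload code scanning results

jobs:
  analyze:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false            # one language failing does not cancel the others
      matrix:
        language: [csharp, javascript]    # assumed language list
    steps:
      - uses: actions/checkout@v4

      - uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}   # language comes from the matrix
          queries: security-extended          # assumed query suite
          config: |
            query-filters:
              - exclude:
                  id: example/placeholder-query-id   # placeholder, not a real query id

      - uses: github/codeql-action/autobuild@v3

      - uses: github/codeql-action/analyze@v3
        with:
          category: /language:${{ matrix.language }}   # keeps per-language results separate
```

If the CodeQL job is a required status check, a pull request that changes only ignored paths never triggers the workflow, so the check stays pending and the merge is blocked.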

@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

  • brendankowitz force-pushed the personal/bkowitz/codeql-update branch 4 times, most recently from bf61bbc to 801311c (January 31, 2024 01:27)
  • brendankowitz added the Build and Open source ("This change is only relevant to the OSS code or release.") labels (Jan 31, 2024)
  • brendankowitz added this to the S133 milestone (Jan 31, 2024)
  • brendankowitz marked this pull request as ready for review (January 31, 2024 03:27)
  • brendankowitz requested a review from a team as a code owner (January 31, 2024 03:27)
  • brendankowitz force-pushed the personal/bkowitz/codeql-update branch from 801311c to 39ac780 (January 31, 2024 15:47)
  • brendankowitz merged commit 8b9207c into main (Jan 31, 2024); 6 checks passed
  • brendankowitz deleted the personal/bkowitz/codeql-update branch (January 31, 2024 19:02)