diff --git a/.github/workflows/codeql-codescan.yml b/.github/workflows/codeql-codescan.yml index 01b6aa3d7d..a7b901c52c 100644 --- a/.github/workflows/codeql-codescan.yml +++ b/.github/workflows/codeql-codescan.yml @@ -1,14 +1,3 @@ -############################################################################## -############################################################################## -# -# NOTE! -# -# Please read the README.md file in this directory that defines what should -# be placed in this file -# -############################################################################## -############################################################################## - name: CodeQL codescan workflow on: @@ -29,12 +18,6 @@ jobs: contents: read security-events: write - # strategy: - # fail-fast: false - # matrix: - # language: [ 'typescript' ] - # directory: [ 'src/components', 'src/utils', 'src/services' ] # List of directories to scan - steps: - name: Checkout repository uses: actions/checkout@v4 
@@ -42,23 +25,21 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: - languages: ${{ matrix.language }} + languages: 'typescript' # Or 'python', 'typescript', etc. debug: true - name: CodeQL Analysis for Directory run: | - echo "Scanning directory: ${{ matrix.directory }}" - codeql database create db-${{ matrix.directory }} --language=${{ matrix.language }} --source-root=${{ matrix.directory }} + echo "Scanning directory: src" + codeql database create db-src --language=javascript --source-root=src # Modify language and directory accordingly - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 with: - category: "/language:${{ matrix.language }}-${{ matrix.directory }}" - output: results-${{ matrix.directory }}.sarif + category: "/language:javascript-src" + output: results-src.sarif - name: Upload SARIF to GitHub Security uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: results-${{ matrix.directory }}.sarif - - + sarif_file: results-src.sarif
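Review bot: The `codeql database create db-src --language=javascript --source-root=src` step builds a separate database that the later `github/codeql-action/analyze` step does not appear to consume, since `analyze` works on the database set up by `init`; the `src` scoping in that command therefore likely has no effect on the results that reach code scanning. The language is also inconsistent across the new lines: `init` is given `languages: 'typescript'`, while the CLI call and the `category` both say `javascript`, and the trailing comment offers 'typescript' as an alternative to itself. Consider dropping the manual step and scoping at `init` instead, for example `languages: 'javascript'` together with `source-root: src`, so the analysed scope is the one actually reported. `analyze` uploads its SARIF by default and its `output` input names a directory, so the following `upload-sarif` step with `sarif_file: results-src.sarif` looks redundant unless `upload: false` is set on `analyze`. The job's steps list begins outside this hunk, so any earlier setup is not visible here.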