chore: review CodeQL analysis setup for cost and runtime optimisation #738

@Sealjay

Context

The CodeQL Analysis workflow runs on every push to main and on PRs. It currently analyses JavaScript/TypeScript and Python.

Tasks

  • Review if both language analyses are needed on every push (consider running Python only on backend changes, JS only on frontend changes)
  • Check if the workflow duration is excessive and identify bottlenecks
  • Consider using paths filters to skip analysis when irrelevant files change
  • Evaluate if schedule-based scanning (e.g., weekly) could replace push-triggered scans for cost savings
  • Check if the autobuild step is necessary or if a custom build step would be faster
  • Consider caching strategies for CodeQL databases

Why

GitHub Actions minutes cost money. Long-running CodeQL scans on every push add up, especially if they analyse code that hasn't changed.
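An added example, not from this issue or the repository, of how several of the tasks above could be combined in one workflow: workflow-level `paths` filters skip the run when only irrelevant files change, a short `changes` job uses `dorny/paths-filter` to build a per-language matrix so Python is analysed only for `backend/**` changes and JavaScript/TypeScript only for `frontend/**`, a weekly schedule keeps a full scan of both languages, and `build-mode: none` drops the autobuild step, which interpreted languages do not need. The `backend/` and `frontend/` directory layout and the workflow file name are assumptions.

```yaml
on:
  push:
    branches: [main]
    paths: ['backend/**', 'frontend/**', '.github/workflows/codeql.yml']
  pull_request:
    branches: [main]
    paths: ['backend/**', 'frontend/**', '.github/workflows/codeql.yml']
  schedule:
    - cron: '17 3 * * 1'  # weekly full scan picks up new queries without a code change
jobs:
  changes:
    runs-on: ubuntu-latest
    permissions: { contents: read, pull-requests: read }
    outputs:
      languages: ${{ steps.matrix.outputs.languages }}
    steps:
      - uses: actions/checkout@v4
      - uses: dorny/paths-filter@v3
        id: filter
        if: github.event_name != 'schedule'
        with:
          filters: |
            python: ['backend/**']                 # assumed backend directory
            javascript-typescript: ['frontend/**'] # assumed frontend directory
      - id: matrix
        run: |
          # Scheduled runs scan both languages; push/PR runs scan only the languages whose paths changed.
          if [ "${{ github.event_name }}" = "schedule" ]; then
            echo 'languages=["python","javascript-typescript"]' >> "$GITHUB_OUTPUT"
          else
            echo 'languages=${{ steps.filter.outputs.changes }}' >> "$GITHUB_OUTPUT"
          fi
  analyze:
    needs: changes
    if: needs.changes.outputs.languages != '' && needs.changes.outputs.languages != '[]'
    runs-on: ubuntu-latest
    permissions: { security-events: write, contents: read, actions: read }
    strategy:
      matrix:
        language: ${{ fromJSON(needs.changes.outputs.languages) }}
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          build-mode: none   # interpreted languages: no autobuild step needed
      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
```

With this layout a docs-only push never starts the workflow, a backend-only push runs one CodeQL job instead of two, and the scheduled run still covers both languages against the current query packs.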
