
CodeQL: only scan sopel directory #2528

Merged: 1 commit merged into master from specify-codeql-scan-path, Oct 27, 2023

Conversation

dgw (Member) commented Oct 26, 2023

No more false security warnings in test files.

Checklist

  • I have read CONTRIBUTING.md
  • I can and do license this contribution under the EFLv2
  • No issues are reported by make qa (runs make lint and make test)
    • I haven't touched any code.
  • I have tested the functionality of the things this change touches
    • Leaving this unchecked until I see what GHA does, since I can't test the CodeQL workflow locally.

@dgw dgw added Build Housekeeping Code cleanup, removal of deprecated stuff, etc. labels Oct 26, 2023
dgw (Member, Author) commented Oct 26, 2023

Before (last CodeQL analysis on master):

CodeQL scanned 124 out of 124 Python files in this job. Typically CodeQL is configured to analyze a single CodeQL language per job, so check the status page for overall coverage information across all jobs: https://github.com/sopel-irc/sopel/security/code-scanning/tools/CodeQL/status/
Analysis produced the following metric data:

|                   Metric                   | Value  |
+--------------------------------------------+--------+
| Total lines of Python code in the database | 171510 |

After (with this configuration change):

CodeQL scanned 82 out of 82 Python files in this job. Typically CodeQL is configured to analyze a single CodeQL language per job, so check the status page for overall coverage information across all jobs: https://github.com/sopel-irc/sopel/security/code-scanning/tools/CodeQL/status/
Analysis produced the following metric data:

|                   Metric                   | Value  |
+--------------------------------------------+--------+
| Total lines of Python code in the database | 159354 |

File counts reported by CodeQL match up exactly with my quick-and-dirty find results:

dgw@ROGAlly:~/github/sopel-irc/sopel$ find . -type f -name '*.py' | wc -l
124
dgw@ROGAlly:~/github/sopel-irc/sopel$ find sopel/ -type f -name '*.py' | wc -l
82

Based on the above, I've checked off the "I have tested the functionality of the things this change touches" box above; seems to work exactly as I desired.
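The PR's diff is not shown on this page. As an added example (not the project's own file), this is how a scan-path restriction of the kind described above is expressed in a CodeQL configuration file; the file name `.github/codeql/codeql-config.yml` and the `paths-ignore` entry are assumptions.

```yaml
# Added example, not the diff from this PR. Assumed location:
# .github/codeql/codeql-config.yml, referenced from the workflow's
# github/codeql-action/init step via `config-file:`.
name: "Sopel CodeQL config"

# Only files under these directories are extracted into the database.
# This filter applies to interpreted languages (Python here); for compiled
# languages the build, not this list, decides what is analysed.
paths:
  - sopel

# Optional (assumed): explicitly drop test fixtures even if a future
# `paths` entry were broadened to include them.
paths-ignore:
  - test
```

The trade-off is visible in the comment above: the database shrinks from 124 to 82 files, so alerts that were noise in fixtures disappear, but any real defect in excluded test helpers will also go unreported, so keep the excluded set limited to code that never ships.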

@dgw dgw requested a review from a team October 26, 2023 05:56
@dgw dgw merged commit 96891bf into master Oct 27, 2023
13 checks passed
@dgw dgw deleted the specify-codeql-scan-path branch October 27, 2023 01:54