Merge pull request #380 from k4cg/codeql_widened

widened codeql checks
k4cg · Sep 5, 2020 · da3ba44 · da3ba44
2 parents 619529e + c1b43c1
commit da3ba44
Show file tree

Hide file tree

Showing 6 changed files with 17 additions and 13 deletions.
diff --git a/.github/codeql/python-package.yaml b/.github/codeql/python-package.yaml
@@ -7,8 +7,8 @@ queries:
   - uses: security-and-quality
 
 paths:
-  - python-package/bin
-  - python-package/src
+  - python-package
 paths-ignore:
-  # web-ui is generated
-  - python-package/src/nichtparasoup/_web-ui
+  - python-package/tests
+  # parts of web-ui are generated
+  - python-package/src/nichtparasoup/_web-ui/static
diff --git a/.github/codeql/python-plugin-example.yaml b/.github/codeql/python-plugin-example.yaml
@@ -7,4 +7,6 @@ queries:
   - uses: security-and-quality
 
 paths:
-  - python-plugin-example/src
+  - python-plugin-example
+paths-ignore:
+  - python-plugin-example/tests
diff --git a/.github/codeql/web-ui.yaml b/.github/codeql/web-ui.yaml
@@ -7,7 +7,7 @@ queries:
   - uses: security-and-quality
 
 paths:
-  - web-ui/src
+  - web-ui
 paths-ignore:
   - web-ui/node_modules
   - 'web-ui/**/*.test.js'
diff --git a/.github/workflows/python-package-tests.yaml b/.github/workflows/python-package-tests.yaml
@@ -13,6 +13,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/python-package-tests.yaml'
+      - '.github/codeql/python-package.yaml'
       - 'python-package/**'
       - '!python-package/src/nichtparasoup/_web-ui/static/**'
       - '!python-package/docs/**'
@@ -29,6 +30,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/python-package-tests.yaml'
+      - '.github/codeql/python-package.yaml'
       - 'python-package/**'
       - '!python-package/src/nichtparasoup/_web-ui/static/**'
       - '!python-package/docs/**'
@@ -136,7 +138,6 @@ jobs:
       - name: Tidy pip cache dir
         if: ${{ always() }}
         run: python -m pip cache remove 'nichtparasoup*' || true
-
   test-reporting_merge:
     name: Merge test reports
     needs: ['test']
@@ -185,7 +186,6 @@ jobs:
           name: ${{ env.reports-directory }}
           path: ${{ env.project-directory }}/${{ env.reports-directory }}/
           if-no-files-found: error
-
   codecov:
     name: CodeCov
     # have forks backed-up: Anyone without write access to a repository cannot read and use secrets
@@ -210,7 +210,6 @@ jobs:
           file: ${{ env.project-directory }}/${{ env.reports-directory }}/coverage.xml
           flags: ${{ env.project-directory }}
           name: ${{ env.project-directory }}
-
   sonarcloud:
     name: SonarScanner
     # have forks backed-up: Anyone without write access to a repository cannot read and use secrets
@@ -239,7 +238,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
   codeql:
     # see https://github.com/github/codeql-action
     name: CodeQL
@@ -261,7 +259,7 @@ jobs:
         uses: github/codeql-action/init@v1
         with:
           languages: python
-          config-file: ./.github/codeql/${{ env.project-directory }}.yaml
+          config-file: .github/codeql/${{ env.project-directory }}.yaml
       - name: Perform CodeQL Analysis
         # see https://github.com/github/codeql-action
         uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/python-plugin-example-tests.yaml b/.github/workflows/python-plugin-example-tests.yaml
@@ -10,6 +10,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/python-plugin-example-tests.yaml'
+      - '.github/codeql/python-plugin-example.yaml'
       - 'python-plugin-example/**'
       - '!python-plugin-example/docs/**'
       - '!python-plugin-example/**.md'
@@ -22,6 +23,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/python-plugin-example-tests.yaml'
+      - '.github/codeql/python-plugin-example.yaml'
       - 'python-plugin-example/**'
       - '!python-plugin-example/docs/**'
       - '!python-plugin-example/**.md'
@@ -246,7 +248,7 @@ jobs:
         uses: github/codeql-action/init@v1
         with:
           languages: python
-          config-file: ./.github/codeql/${{ env.project-directory }}.yaml
+          config-file: .github/codeql/${{ env.project-directory }}.yaml
       - name: Perform CodeQL Analysis
         # see https://github.com/github/codeql-action
         uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/web-ui-tests.yaml b/.github/workflows/web-ui-tests.yaml
@@ -10,6 +10,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/web-ui-tests.yaml'
+      - '.github/codeql/web-ui.yaml'
       - 'web-ui/**'
       - '!web-ui/docs/**'
       - '!web-ui/**.md'
@@ -21,6 +22,7 @@ on:
       - '3.0-dev'
     paths:
       - '.github/workflows/web-ui-tests.yaml'
+      - '.github/codeql/web-ui.yaml'
       - 'web-ui/**'
       - '!web-ui/docs/**'
       - '!web-ui/**.md'
@@ -76,7 +78,7 @@ jobs:
         uses: github/codeql-action/init@v1
         with:
           languages: javascript
-          config-file: ./.github/codeql/${{ env.project-directory }}.yaml
+          config-file: .github/codeql/${{ env.project-directory }}.yaml
       - name: Perform CodeQL Analysis
         # see https://github.com/github/codeql-action
         uses: github/codeql-action/analyze@v1