Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: configure codeql locally within the repo to allow for customization #29552

Merged
merged 2 commits into from
Jan 31, 2025
Merged

ci: configure codeql locally within the repo to allow for customization #29552

merged 2 commits into from
Jan 31, 2025

Conversation

josephperrott
Copy link
Member

Moving to the configuration being in the repo allows us to specify which specific rules are run in analysis.

@angular-robot angular-robot bot added the area: build & ci Related the build and CI infrastructure of the project label Jan 31, 2025
@josephperrott josephperrott force-pushed the disable-crypto-regex branch 2 times, most recently from 99eadaf to eb53489 Compare January 31, 2025 16:07
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@josephperrott josephperrott force-pushed the disable-crypto-regex branch 5 times, most recently from 539bbc4 to 564e019 Compare January 31, 2025 16:37
@josephperrott
ci: configure codeql locally within the repo to allow for customization
de0bab2 
Moving to the configuration being in the repo allows us to specify which specific rules are run in analysis.
@josephperrott
ci: disable evalutations that arecausing codeql timeouts
f97da1c 
Disabling js/bad-code-sanitization and js/regex-injection because a recent update caused tons of
 timeouts and we don't have anything where cryptographic usage is ultra important in our use cases.
@josephperrott josephperrott added target: patch This PR is targeted for the next patch release action: merge The PR is ready for merge by the caretaker labels Jan 31, 2025
@josephperrott josephperrott marked this pull request as ready for review January 31, 2025 16:44
@alan-agius4 alan-agius4 removed the request for review from clydin January 31, 2025 17:31
@alan-agius4 alan-agius4 merged commit 6553452 into angular:main Jan 31, 2025
33 checks passed
@alan-agius4
Copy link
Collaborator

The changes were merged into the following branches: main, 19.1.x

@josephperrott josephperrott deleted the disable-crypto-regex branch January 31, 2025 18:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alan-agius4 alan-agius4 alan-agius4 approved these changes

Assignees
No one assigned
Labels
action: merge The PR is ready for merge by the caretaker area: build & ci Related the build and CI infrastructure of the project target: patch This PR is targeted for the next patch release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@josephperrott @alan-agius4