Fixes #11126
These changes will cause GitHub Advanced Security to ignore the auto-generated content around 3rd party dependencies used by `cli/cli` from static code analysis and secret scanning. For more information: - https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning - https://docs.github.com/en/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/excluding-folders-and-files-from-secret-scanning
This commit is contained in:
Andy Feller
parent
cfc45042dc
commit
c7b1afd293
2 changed files with 7 additions and 0 deletions
3
.github/secret_scanning.yml
vendored
Normal file
3
.github/secret_scanning.yml
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
paths-ignore:
|
||||
- 'third-party/**'
|
||||
- 'third-party-licenses.*.md'
|
||||
4
.github/workflows/codeql.yml
vendored
4
.github/workflows/codeql.yml
vendored
|
|
@ -32,6 +32,10 @@ jobs:
|
|||
with:
|
||||
languages: ${{ matrix.language }}
|
||||
queries: security-and-quality
|
||||
config: |
|
||||
paths-ignore:
|
||||
- 'third-party/**'
|
||||
- 'third-party-licenses.*.md'
|
||||
|
||||
- name: Setup Go
|
||||
if: matrix.language == 'go'
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue