modify CodeQL query suite for enhanced security and quality analysis #32
Updated CodeQL workflow to use security-extended and security-and-quality query suites.
Pull Request Overview
This PR introduces a new CodeQL workflow configuration to enhance security and quality analysis for the repository. The workflow is configured to run CodeQL scans using the security-extended and security-and-quality query suites, which provide more comprehensive security and code quality checks.
Key Changes
- Added a new CodeQL Advanced workflow that triggers on pushes to main, pull requests to main, and on a weekly schedule
- Configured the workflow to analyze both GitHub Actions and Python code
- Enabled enhanced security scanning with security-extended and security-and-quality query suites
| # Prefix the list here with "+" to use these queries and those in the config file. | ||
|
|
||
| # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs | ||
| queries: security-extended,security-and-quality |
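Review bot: the `queries: security-extended,security-and-quality` value in the last line of the hunk is redundant. The built-in `security-and-quality` suite already contains every query in `security-extended` plus the maintainability and reliability queries, so `queries: security-and-quality` on its own gives the same coverage and makes the intent clearer.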
Copilot (AI), Oct 23, 2025
The queries parameter expects query suite references in the format owner/repo/suite@ref or built-in suite names like security-extended. However, security-and-quality is not a standard CodeQL query suite name. The standard built-in suites are security-extended; security-and-quality does not exist. Consider using code-scanning if you want quality queries in addition to security, or verify the correct suite name in the CodeQL documentation.
Updated CodeQL workflow to use security-extended and security-and-quality query suites.
(Default template that is proposed when switching from automated config to manual)