.github/codeql/codeql-config.yml
# https://github.com/github/codeql-action#configuration-file
# https://docs.github.com/en/code-security/secure-coding/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-a-custom-configuration-file
name: "CodeQL config"
queries:
- uses: security-extended
- uses: security-and-quality
paths-ignore:
- tests
- lib
# TODO: upload SARIF to CodeCoverage if possible
# https://docs.github.com/en/code-security/secure-coding/integrating-with-code-scanning/uploading-a-sarif-file-to-github