From 5995a69e2c654b7dd6452acdabbfedd8510fd58a Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Mon, 14 Aug 2023 04:27:32 -0300 Subject: ci: trim comments in codeql-analysis.yml Note: When generating a new workflow, the permissions do not have comments anymore. --- .github/workflows/codeql-analysis.yml | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a4c4a1146..bb43f7d50 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,9 +1,4 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -name: "CodeQL" +name: CodeQL on: push: @@ -43,9 +38,9 @@ permissions: # added using https://github.com/step-security/secure-workflows jobs: analyze: permissions: - actions: read # for github/codeql-action/init to get workflow details - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/autobuild to send a status report + actions: read + contents: read + security-events: write name: Analyze runs-on: ubuntu-latest @@ -82,10 +77,6 @@ jobs: uses: github/codeql-action/init@5b6282e01c62d02e720b81eb8a51204f527c3624 with: languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) -- cgit v1.2.3-70-g09d2