| 1 | ## @file
|
|---|
| 2 | # CodeQL configuration file for edk2.
|
|---|
| 3 | #
|
|---|
| 4 | # Copyright (c) Microsoft Corporation.
|
|---|
| 5 | # SPDX-License-Identifier: BSD-2-Clause-Patent
|
|---|
| 6 | ##
|
|---|
| 7 |
|
|---|
| 8 | name: "CodeQL config"
|
|---|
| 9 |
|
|---|
| 10 | # The following line disables the default queries. This is used because we want to enable on query at a time by
|
|---|
| 11 | # explicitly specifying each query in a "queries" array as they are enabled.
|
|---|
| 12 | #
|
|---|
| 13 | # See the following for more information about adding custom queries:
|
|---|
| 14 | # https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-a-custom-configuration-file
|
|---|
| 15 |
|
|---|
| 16 | #disable-default-queries: true
|
|---|
| 17 |
|
|---|
| 18 | queries:
|
|---|
| 19 | - name: EDK2 CodeQL Query List
|
|---|
| 20 | uses: ./.github/codeql/edk2.qls
|
|---|
| 21 |
|
|---|
| 22 | # We must specify a query for CodeQL to run. Until the first query is enabled, enable the security query suite but
|
|---|
| 23 | # exclude all problem levels from impacting the results. After the first query is enabled, this filter can be relaxed
|
|---|
| 24 | # to find the level of problems desired from the query.
|
|---|
| 25 | query-filters:
|
|---|
| 26 | - exclude:
|
|---|
| 27 | problem.severity:
|
|---|
| 28 | - warning
|
|---|
| 29 | - recommendation
|
|---|
