Github Workflow CodeQL: Check out submodules#986
Github Workflow CodeQL: Check out submodules#986hoffie wants to merge 1 commit intojamulussoftware:masterfrom
Conversation
- Submodules are part of official releases, so it might make sense to run them through CodeQL as well. - This is supposed to detect breakage with submodule inclusion as observed in jamulussoftware#984. Docs: https://github.com/actions/checkout Signed-off-by: Christian Hoffmann <mail@hoffmann-christian.info>
Seems like it works -- CodeQL fails in this PR because the new CodeQL workflow seems to be used: I suggest waiting for #985 to be merged, will then rebase and then CodeQL should be green again. |
|
#978 is close to ready, will fix qodeql |
Ah, thanks for the pointer. Your PR seems to move the CodeQL part to the autobuild which already contains a submodule-enabled checkout. So, after your PR my PR becomes irrelevant. If your PR is merged quickly, I'll close my PR as it becomes obsolete. If there is still some back and forth I'd be in favor of merging my PR temporarily to spot any problems in this area. |
|
Can this be closed? |
|
Yes, it will be part of #978 already. |
3 participants
(As noticed by @nefarius2001)
to run them through CodeQL as well.
as observed in submodule checkout broken #984.
Docs: https://github.com/actions/checkout
I'm not sure if the modified CodeQL workflow will already trigger in this PR (I suspect it won't). If it does, it will probably (correctly) fail until #985 is merged. It would be great if it did because I could then rebase and we could check if the action works as intended and passes afterwards.
Note: I have never worked with Github actions before so it might be horribly wrong what I do.