CI: fix (CodeQL|yamllint) rules

Summary:
- run CodeQL on js/ts file edits.
- yamllint rule modified to respect my styling decision (1 space
  before comment).

Signed-off-by: Yongmin Hong <revi@omglol.email>

Test Plan: `arc lint`, wait for codeql run next time.

Reviewers: O1 revi & automations, revi

Reviewed By: O1 revi & automations, revi

Differential Revision: https://issuetracker.revi.xyz/D475
revi 2024-06-30 17:22:14 +09:00
parent 24c3fe7517
commit 59f6ff9855
Signed by: revi
GPG key ID: 1EB4F6CEEA100E94
2 changed files with 28 additions and 15 deletions


@ -14,9 +14,16 @@ name: 'CodeQL'
on: on:
push: push:
branches: ['master'] branches:
- master
paths:
- '**.js'
- '**.jsx'
- '**.ts'
- '**.tsx'
pull_request: pull_request:
branches: ['master'] branches:
- master
schedule: schedule:
- cron: '45 21 * * 2' - cron: '45 21 * * 2'
@ -46,19 +53,19 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
include: include:
# CodeQL supports the following values keywords for 'language':
# 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
# Use `c-cpp` to analyze code written in C, C++ or both
# Use 'java-kotlin' to analyze code written in Java, Kotlin or both
# Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
# To learn more about changing the languages that are analyzed or customizing the build
# mode for your analysis,
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
# If you are analyzing a compiled language, you can modify the 'build-mode' for that
# language to customize how your codebase is analyzed, see
# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
- language: javascript-typescript - language: javascript-typescript
build-mode: none build-mode: none
# CodeQL supports the following values keywords for 'language':
# 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
# Use `c-cpp` to analyze code written in C, C++ or both
# Use 'java-kotlin' to analyze code written in Java, Kotlin or both
# Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
# To learn more about changing the languages that are analyzed or customizing the build
# mode for your analysis,
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
# If you are analyzing a compiled language, you can modify the 'build-mode' for that
# language to customize how your codebase is analyzed, see
# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -67,8 +74,6 @@ jobs:
- name: Initialize CodeQL - name: Initialize CodeQL
uses: github/codeql-action/init@v3 uses: github/codeql-action/init@v3
with: with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
# If you wish to specify custom queries, you can do so here or in a config file. # If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file. # By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file. # Prefix the list here with "+" to use these queries and those in the config file.
@ -76,6 +81,8 @@ jobs:
# For more details on CodeQL's query packs, refer to: # For more details on CodeQL's query packs, refer to:
# https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality # queries: security-extended,security-and-quality
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
# If the analyze step fails for one of the languages you are analyzing with # If the analyze step fails for one of the languages you are analyzing with
# "We were unable to automatically build your code", modify the matrix above # "We were unable to automatically build your code", modify the matrix above
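Review bot: The `paths:` filter added under `push` (`'**.js'`, `'**.jsx'`, `'**.ts'`, `'**.tsx'`) means a push to `master` that touches none of those globs produces no CodeQL analysis for that commit. GitHub's code-scanning documentation advises against `paths`/`paths-ignore` on `on: push` in CodeQL workflows, because pull-request results are compared against the latest analysis of the base branch and a skipped push leaves that baseline stale. The weekly `schedule` run limits how long the gap can last, but edits confined to other files the JavaScript/TypeScript analysis also reads (for example `.mjs`/`.cjs`), or to this workflow itself, would go unscanned until then. If the aim is to avoid scans on unrelated edits, consider moving the filter to `pull_request` and leaving `push` unfiltered, or at least documenting the trade-off above `paths:` with a comment such as `# push scans limited to JS/TS sources; the weekly schedule covers everything else`. Indentation is lost in this rendering, so the placement of `paths:` under `push` rather than `pull_request` is inferred from line order.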


@ -9,10 +9,16 @@ extends: default
ignore-from-file: .gitignore ignore-from-file: .gitignore
rules: rules:
comments:
level: warning
min-spaces-from-content: 1
comments-indentation: {} comments-indentation: {}
document-start: document-start:
present: true present: true
level: warning level: warning
empty-lines:
max: 1
level: warning
line-length: line-length:
max: 80 max: 80
level: warning level: warning