tjko / jpegoptim

jpegoptim - utility to optimize/compress JPEG files
http://www.iki.fi/tjko/projects.html
GNU General Public License v3.0
1.56k stars, 116 forks

Add CodeQL action #137

Closed. XhmikosR closed this 1 year ago

XhmikosR commented 1 year ago

@tjko this should help with some security issues (I see them in my fork, but only people with push rights will be able to see them in your repo)

There, you can ignore the issues from 3rd-party libraries if you want so that they don't pollute your results.

Later you should switch to security-extended,security-and-quality after the critical and high issues are fixed :)

Regarding the cron, let me know if you want me to change it to something else or remove it.

github-advanced-security[bot] commented 1 year ago

You have successfully added a new CodeQL configuration /language:cpp. As part of the setup process, we have scanned this repository and found 53 existing alerts. Please check the repository Security tab to see all alerts.

tjko commented 1 year ago

Thanks. Results seem to be 'polluted' by mozjpeg. Is there an easy way to exclude third-party libraries from being scanned, e.g. using a regular expression?

XhmikosR commented 1 year ago

Unfortunately, the exclude solution I tried doesn't seem to work for c++ :/

There's even a warning showing that paths-ignore doesn't work for C++, for example https://github.com/tjko/jpegoptim/actions/runs/4539350951/jobs/7999135156#step:3:329

You could close the issues in the Security tab, but I know it's not a real solution.
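For reference, the shape of a CodeQL workflow that covers the points raised in this thread (a cron schedule, the `security-extended` query pack, and a way to keep mozjpeg findings out of the results even though `paths-ignore` is not honoured for C/C++). This is an added illustration, not the workflow file from this PR or anything shipped by jpegoptim. The `third_party/mozjpeg/**` path, the `sarif-results` directory, and the use of the `advanced-security/filter-sarif` action with `patterns`/`input`/`output` inputs are assumptions about the layout and about that action's interface; check them against the current CodeQL and filter-sarif documentation before relying on them.

```yaml
# Added example: CodeQL for a C project with post-analysis filtering of
# third-party code. Not the workflow from this PR.
name: CodeQL

on:
  push:
    branches: [master]
  pull_request:
    branches: [master]
  schedule:
    # Weekly run so new queries surface issues in unchanged code.
    - cron: '0 6 * * 1'

permissions:
  contents: read
  security-events: write   # needed to upload SARIF to the Security tab

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - uses: github/codeql-action/init@v2
        with:
          languages: cpp
          # Start with security-extended; add security-and-quality once
          # the critical/high alerts are cleared.
          queries: security-extended
          # NOTE: for compiled languages CodeQL analyses whatever the
          # build touches, so paths-ignore here does NOT drop mozjpeg.

      - uses: github/codeql-action/autobuild@v2

      # Write SARIF to disk instead of uploading it directly.
      - uses: github/codeql-action/analyze@v2
        with:
          upload: false
          output: sarif-results

      # Drop results whose location is under the vendored library
      # (path is an assumption; adjust to where mozjpeg actually lives).
      - uses: advanced-security/filter-sarif@v1
        with:
          patterns: |
            -third_party/mozjpeg/**
          input: sarif-results/cpp.sarif
          output: sarif-results/cpp.sarif

      - uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: sarif-results/cpp.sarif
```

Filtering the SARIF after analysis is a pragmatic workaround rather than a true exclusion: the third-party code is still compiled and analysed, only its alerts are discarded before upload. Alerts in jpegoptim's own code that are reachable through mozjpeg call paths are kept, which is usually what you want for a vendored dependency.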