mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
000096f4c6
It looks like the fix for https://github.com/github/codeql/issues/8409 is not yet in production (and the respective query needs to be enabled in both the main and the PR branch to get results for it, hence why it passed in #22837).
43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
---
|
|
# vi: ts=2 sw=2 et:
|
|
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
|
|
# Explicitly enable certain checks which are hidden by default
|
|
queries:
|
|
# See: https://github.com/github/codeql/issues/8409
|
|
- exclude: cpp/missing-return
|
|
- include: cpp/bad-strncpy-size
|
|
- include: cpp/declaration-hides-variable
|
|
- include: cpp/inconsistent-null-check
|
|
- include: cpp/mistyped-function-arguments
|
|
- include: cpp/nested-loops-with-same-variable
|
|
- include: cpp/sizeof-side-effect
|
|
- include: cpp/suspicious-pointer-scaling
|
|
- include: cpp/suspicious-pointer-scaling-void
|
|
- include: cpp/suspicious-sizeof
|
|
- include: cpp/unsafe-strcat
|
|
- include: cpp/unsafe-strncat
|
|
- include: cpp/unsigned-difference-expression-compared-zero
|
|
- include: cpp/unused-local-variable
|
|
- include:
|
|
tags:
|
|
- "security"
|
|
- "correctness"
|
|
severity: "error"
|
|
|
|
extraction:
|
|
cpp:
|
|
prepare:
|
|
packages:
|
|
- libpwquality-dev
|
|
- libfdisk-dev
|
|
- libp11-kit-dev
|
|
- libssl-dev
|
|
- python3-jinja2
|
|
after_prepare:
|
|
- pip3 install -r .github/workflows/requirements.txt --require-hashes
|
|
- export PATH="/opt/work/.local/bin:$PATH"
|
|
python:
|
|
python_setup:
|
|
version: 3
|