toolkit

actions

toolkit

mirror of https://github.com/actions/toolkit

Add on: pull_request trigger to CodeQL workflow (#689)

From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.

Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.

See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.

pull/693/head

Robin Neatherway

2021-01-15 11:22:00 +00:00

committed by

GitHub

parent c861dd8859

commit 85f6235ca9

No known key found for this signature in database

GPG Key ID: 4AEE18F83AFDEB23

1 changed files with 1 additions and 0 deletions

									
										1

.github/workflows/codeql.ymlvendored

										View File
									
				@ -2,6 +2,7 @@ name: "Code Scanning - Action"

				on:

				  push:

				  pull_request:

				  schedule:

				    - cron: '0 0 * * 0'

Add on: pull_request trigger to CodeQL workflow (#689)

1 .github/workflows/codeql.yml vendored Unescape Escape View File

1

.github/workflows/codeql.yml vendored

View File