README.md (19 additions & 0 deletions)
@@ -1215,3 +1215,22 @@ foomatic-filters package. It was not overtaken into cups-filters
1215
1215
together with foomatic-rip to avoid the introduction of a dependency
1216
1216
on Perl. Now it has been re-written in C and so it can be part of
1217
1217
cups-filters without introducing new dependencies.
1218
+
1219
+
---
1220
+
1221
+
## DEVELOPMENT AND CI/CD
1222
+
1223
+
### CodeQL Static Analysis Configuration
1224
+
1225
+
This repository uses a custom GitHub Actions workflow for CodeQL static analysis located at `.github/workflows/static-analysis.yml`. To ensure accurate analysis and avoid conflicts with GitHub's default settings, the following repository configurations are required:
1226
+
1227
+
1. **Enable Advanced Setup**:
1228
+
- Go to **Settings** -> **Code security and analysis**.
1229
+
- Under **Code scanning**, locate **CodeQL analysis**.
1230
+
- If "Default" is enabled, click the three dots (...) and select **Switch to advanced**.
1231
+
2. **Disable Default Setup**:
1232
+
- The "Default" setup must be disabled for the custom workflow to upload results successfully.
1233
+
3. **Custom Workflow Dependencies**:
1234
+
- Our custom workflow is designed to install specific project dependencies and perform a manual build before the analysis. This ensures that CodeQL has a complete build graph for the C sources in this repository.
1235
+
1236
+
*Note: If the Default setup is active, GitHub may reject the results uploaded by the manual workflow, causing the CI job to fail.*
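Review bot: steps 1 and 2 of the numbered list describe a single action under two headings, and step 2 gives no instruction of its own. Step 1 is titled "Enable Advanced Setup", but its only actionable bullet is the "Switch to advanced" menu item, which is presumably also how the Default setup named in step 2 gets disabled. A maintainer following the list cannot tell whether anything remains to be done after step 1. Merge them into one step that states the end state to verify (Default setup off, advanced setup active). Step 3 is not a repository setting at all, although the intro promises "the following repository configurations"; move it into the intro paragraph and either name the dependencies and build commands or point the reader to `.github/workflows/static-analysis.yml` for them. The closing note repeats step 2 and hedges with "may reject"; state once, in the merged step, what failure the CI job shows when the Default setup is still active.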