diff --git a/.github/scripts/spellcheck.words b/.github/scripts/spellcheck.words
index 7aa13af707..8d20279a35 100644
--- a/.github/scripts/spellcheck.words
+++ b/.github/scripts/spellcheck.words
@@ -121,8 +121,6 @@ CMakeLists
 CNA
 CNAME
 CNAMEs
-CodeQL
-codeql
 CODESET
 codeset
 Comcast
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index e3fe9051e3..0000000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,85 +0,0 @@ -# Copyright (C) Daniel Stenberg, , et al. -# -# SPDX-License-Identifier: curl - -name: CodeQL - -'on': - push: - branches: - - master - - '*/ci' - paths-ignore: - - '**/*.md' - - '.circleci/**' - - 'appveyor.*' - - 'docs/**' - - 'packages/**' - - 'plan9/**' - - 'projects/**' - - 'tests/data/**' - - 'winbuild/**' - pull_request: - branches: - - master - paths-ignore: - - '**/*.md' - - '.circleci/**' - - 'appveyor.*' - - 'docs/**' - - 'packages/**' - - 'plan9/**' - - 'projects/**' - - 'tests/data/**' - - 'winbuild/**' - schedule: - - cron: '0 0 * * 4' - -concurrency: - group: ${{ github.workflow }} - -permissions: {} - -jobs: - codeql: - runs-on: ubuntu-latest - permissions: - security-events: write - steps: - - name: 'install prereqs' - run: | - sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list - sudo apt-get update -y - sudo apt-get install -y --no-install-suggests --no-install-recommends \ - libpsl-dev - - - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - with: - persist-credentials: false - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 - with: - languages: cpp - queries: security-extended - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 - - # â„šī¸ Command-line programs to run using the OS shell. 
- # 📚 https://git.io/JvXDl - - # âœī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - # - run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3 diff --git a/tests/CI.md b/tests/CI.md index 16aba08305..c4954097c6 100644 --- a/tests/CI.md +++ b/tests/CI.md @@ -31,10 +31,8 @@ Consider the following table while looking at pull request failures: | CI platform as shown in PR | State | What to look at next | | ----------------------------------- | ------ | -------------------------- | - | CI / codeql | stable | quality check results | | CI / fuzzing | stable | fuzzing results | | CI / macos ... | stable | all errors and failures | - | Code scanning results / CodeQL | stable | quality check results | | FreeBSD FreeBSD: ... | stable | all errors and failures | | LGTM analysis: Python | stable | new findings | | LGTM analysis: C/C++ | stable | new findings | @@ -42,7 +40,6 @@ Consider the following table while looking at pull request failures: | AppVeyor | flaky | all errors and failures | | curl.curl (linux ...) | stable | all errors and failures | | curl.curl (windows ...) | flaky | repetitive errors/failures | - | CodeQL | stable | new findings | Sometimes the tests fail due to a dependency service temporarily being offline or otherwise unavailable, for example package downloads. In this case you can @@ -62,7 +59,6 @@ GitHub Actions runs the following tests: - Fuzz tests ([see the curl-fuzzer repo for more info](https://github.com/curl/curl-fuzzer)). - Curl compiled using the Rust TLS backend with Hyper -- CodeQL static analysis These are each configured in different files in `.github/workflows`.