diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6a23088d..0cd04bb7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -63,3 +63,19 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" + # define the output folder for SARIF files + output: sarif-results + + # Unlock inline mechanism to suppress CodeQL warnings. + # https://github.com/github/codeql/issues/11427#issuecomment-1721059096 + - name: Dismiss alerts + if: github.ref == 'refs/heads/main' + uses: advanced-security/dismiss-alerts@v1 + with: + # specify a 'sarif-id' and 'sarif-file' + sarif-id: ${{ steps.analyze.outputs.sarif-id }} + sarif-file: sarif-results/${{ matrix.language }}.sarif + env: + GITHUB_TOKEN: ${{ github.token }} diff --git a/src/crate/client/__init__.py b/src/crate/client/__init__.py index 35a53d6e..c84cb107 100644 --- a/src/crate/client/__init__.py +++ b/src/crate/client/__init__.py @@ -31,6 +31,6 @@ # regex! __version__ = "1.0.0" -apilevel = "2.0" -threadsafety = 1 -paramstyle = "qmark" +apilevel = "2.0" # codeql[py/unused-global-variable] +threadsafety = 1 # codeql[py/unused-global-variable] +paramstyle = "qmark" # codeql[py/unused-global-variable]