Skip to content

fix: add CodeQL workflow with disk space cleanup #8817

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 4, 2025
Merged

fix: add CodeQL workflow with disk space cleanup #8817

merged 2 commits into from
Nov 4, 2025

Conversation

@tristandubbeld
Copy link
Contributor

@tristandubbeld tristandubbeld commented Nov 4, 2025
edited
Loading

Summary

This PR adds a CodeQL workflow with disk space cleanup to prevent "No space left on device" errors during analysis.

Changes

  • Added .github/workflows/codeql.yml - CodeQL workflow with disk space cleanup step
  • Added .github/codeql/codeql-config.yml - CodeQL configuration to exclude unnecessary files from analysis

Verifying the Workflow

  • The workflow will automatically trigger on:
    • Pushes to main branch
    • Pull requests to main branch
    • Weekly schedule (Sundays at midnight UTC)
  • You can check the Actions tab to see workflow runs

What Should Be Disabled

  • Disable the "Default setup" for CodeQL analysis:
    • In Settings → Code security and analysis → Tools → CodeQL analysis
    • Click the three-dot menu (⋯) next to "Default setup"
    • Select "Disable CodeQL" or "Switch to advanced setup"
    • This prevents conflicts with the custom workflow file

How It Works

  1. Disk Space Cleanup: The workflow starts by removing unnecessary tools and caches (~5-10 GB freed)
  2. Path Exclusions: The CodeQL config excludes node_modules, build artifacts, test fixtures, and other non-production files
  3. Analysis: CodeQL analyzes only production JavaScript/TypeScript code

This should resolve the disk space issues seen in previous CodeQL runs and the "Code scanning configuration error" currently showing in the UI.

@codesandbox
Copy link

codesandbox bot commented Nov 4, 2025

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@github-advanced-security
Copy link

github-advanced-security bot commented Nov 4, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@tristandubbeld tristandubbeld enabled auto-merge (squash) November 4, 2025 13:39
@tristandubbeld tristandubbeld merged commit af9fc4d into main Nov 4, 2025
10 of 13 checks passed
@tristandubbeld tristandubbeld deleted the fix/codeql-disk-space-cleanup branch November 4, 2025 14:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexnm alexnm alexnm approved these changes

@CompuIves CompuIves Awaiting requested review from CompuIves

@sannek sannek Awaiting requested review from sannek

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tristandubbeld @alexnm