@@ -65,36 +65,23 @@ jobs:
6565 uses : github/codeql-action/analyze@v4
6666 with :
6767 category : CodeQL
68- upload : always
68+ upload : false
6969 id : analyze
7070
71- # - name: Filter out unwanted errors and warnings
72- # uses: advanced-security/filter-sarif@v1
73- # with:
74- # patterns: |
75- # -**:cpp/path-injection
76- # -**:cpp/world-writable-file-creation
77- # -**:cpp/poorly-documented-function
78- # -**:cpp/potentially-dangerous-function
79- # -**:cpp/use-of-goto
80- # -**:cpp/integer-multiplication-cast-to-long
81- # -**:cpp/comparison-with-wider-type
82- # -**:cpp/leap-year/*
83- # -**:cpp/ambiguously-signed-bit-field
84- # -**:cpp/suspicious-pointer-scaling
85- # -**:cpp/suspicious-pointer-scaling-void
86- # -**:cpp/unsigned-comparison-zero
87- # -**/third*party/**
88- # -**/3rd*party/**
89- # -**/external/**
90- # input: ${{ steps.analyze.outputs.sarif-output }}/cpp.sarif
91- # output: ${{ steps.analyze.outputs.sarif-output }}/cpp.sarif
92- #
93- # - name: Upload SARIF
94- # uses: github/codeql-action/upload-sarif@v4
95- # with:
96- # sarif_file: ${{ steps.analyze.outputs.sarif-output }}
97- # category: CodeQL
71+ - name : Filter SARIF report
72+ uses : advanced-security/filter-sarif@v1
73+ with :
74+ patterns : |
75+ -hw/mcu/**
76+ -lib/**
77+ input : ${{ steps.analyze.outputs.sarif-output }}/cpp.sarif
78+ output : ${{ steps.analyze.outputs.sarif-output }}/cpp.sarif
79+
80+ - name : Upload SARIF
81+ uses : github/codeql-action/upload-sarif@v4
82+ with :
83+ sarif_file : ${{ steps.analyze.outputs.sarif-output }}
84+ category : CodeQL
9885
9986 - name : Upload artifact
10087 uses : actions/upload-artifact@v5
0 commit comments