From 79c65b3e44a9aa33197212802c3d2eb9e038df1f Mon Sep 17 00:00:00 2001
From: Cotes Chung <11371340+cotes2020@users.noreply.github.com>
Date: Wed, 14 Feb 2024 00:02:05 +0800
Subject: [PATCH] build(security): correct scan path for CodeQL

---
 .github/codeql/codeql-config.yml | 2 ++
 .github/workflows/codeql.yml     | 5 +++--
 2 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 .github/codeql/codeql-config.yml

diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 0000000..1439beb
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,2 @@
+paths-ignore:
+  - "assets/js"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 1745fcf..b09590d 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -2,9 +2,9 @@ name: "CodeQL"
 
 on:
   push:
-    paths: ["_javascript/**.js"]
+    paths: ["_javascript/**/*.js"]
   pull_request:
-    paths: ["_javascript/**.js"]
+    paths: ["_javascript/**/*.js"]
 
 jobs:
   analyze:
@@ -30,6 +30,7 @@ jobs:
         uses: github/codeql-action/init@v3
         with:
           languages: "${{ matrix.language }}"
+          config-file: .github/codeql/codeql-config.yml
 
       # Autobuild attempts to build any compiled languages  (C/C++, C#, Go, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)