From: Thomas Weißschuh <thomas@t-8ch.de>
Date: Wed, 12 Jul 2023 15:16:16 +0000 (+0200)
Subject: ci: disable cpp/path-injection rule
X-Git-Tag: v2.40-rc1~330^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7bc7ccb6b2df46e2cb6aea73fa718b41c666c250;p=thirdparty%2Futil-linux.git

ci: disable cpp/path-injection rule

This rule fires for file operations on user-specified paths.
As this behavior is the very core of many util-linux utilities it is a
false positive.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
---

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 671e569daf..b7d98a0de7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -39,6 +39,10 @@ jobs:
         with:
           languages: ${{ matrix.language }}
           queries: +security-extended,security-and-quality
+          config: |
+            query-filters:
+            - exclude:
+                id: cpp/path-injection
 
       - name: Install dependencies
         run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh