- name: Enable possibly useful queries which are disabled by default
uses: ./.github/codeql-custom.qls
- name: systemd-specific CodeQL queries
- uses: ./.lgtm/cpp-queries/
+ uses: ./.github/codeql-queries/
+++ /dev/null
----
-# vi: ts=2 sw=2 et:
-# SPDX-License-Identifier: LGPL-2.1-or-later
-
-# Explicitly enable certain checks which are hidden by default
-queries:
- - include: cpp/bad-strncpy-size
- - include: cpp/declaration-hides-variable
- - include: cpp/inconsistent-null-check
- - include: cpp/mistyped-function-arguments
- - include: cpp/nested-loops-with-same-variable
- - include: cpp/sizeof-side-effect
- - include: cpp/suspicious-pointer-scaling
- - include: cpp/suspicious-pointer-scaling-void
- - include: cpp/suspicious-sizeof
- - include: cpp/unsafe-strcat
- - include: cpp/unsafe-strncat
- - include: cpp/unsigned-difference-expression-compared-zero
- - include: cpp/unused-local-variable
- - include:
- tags:
- - "security"
- - "correctness"
- severity: "error"
-
-extraction:
- cpp:
- prepare:
- packages:
- - libpwquality-dev
- - libfdisk-dev
- - libp11-kit-dev
- - libssl-dev
- - python3-jinja2
- after_prepare:
- - pip3 install -r .github/workflows/requirements.txt --require-hashes
- - export PATH="/opt/work/.local/bin:$PATH"
- python:
- python_setup:
- version: 3