From 7bc7ccb6b2df46e2cb6aea73fa718b41c666c250 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Thomas=20Wei=C3=9Fschuh?=
Date: Wed, 12 Jul 2023 17:16:16 +0200
Subject: [PATCH] ci: disable cpp/path-injection rule
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

This rule fires for file operations on user-specified paths. As this behavior is the very core of many util-linux utilities it is a false positive.

Signed-off-by: Thomas Weißschuh
---
 .github/workflows/codeql.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 671e569daf..b7d98a0de7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -39,6 +39,10 @@ jobs:
 with:
 languages: ${{ matrix.language }}
 queries: +security-extended,security-and-quality
+ config: |
+ query-filters:
+ - exclude:
+ id: cpp/path-injection
 - name: Install dependencies
 run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh
--
2.47.3
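Review bot: The `query-filters` entry added under `config:` excludes `cpp/path-injection` for the whole repository, so the query also goes quiet for any code that opens a caller-supplied path with more privilege than the caller holds, which is the case it can usefully catch. Whether such code exists here cannot be seen from this hunk. The reason for the suppression is recorded only in the commit message, so I would add a comment above `config: |` such as `# cpp/path-injection excluded: operating on user-given paths is what these tools do; review privileged helpers by hand`. If only part of the tree produces the noise, dismissing those alerts individually would keep the rule active for the rest. The step being edited begins above the hunk, so the name of the action receiving this `config` input is not visible here.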