From bbfe39722a2eda02c38b4aa37402277d077ae714 Mon Sep 17 00:00:00 2001
From: Julien Voisin <jvoisin@users.noreply.github.com>
Date: Thu, 26 Dec 2024 18:33:41 +0000
Subject: [PATCH] ci: tighten the CodeQL rules

- don't run CodeQL on test files
- don't run CodeQL if no `.go` nor `.js` file have been modified.
---
 .github/workflows/codeql-analysis.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index b2eb4d95..d6d46511 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -5,9 +5,17 @@ permissions: read-all
 on:
   push:
     branches: [ main ]
+    paths:
+      - '**.js'
+      - '**.go'
+      - '!**_test.go'
   pull_request:
     # The branches below must be a subset of the branches above
     branches: [ main ]
+    paths:
+      - '**.js'
+      - '**.go'
+      - '!**_test.go'
   schedule:
     - cron: '45 22 * * 3'