Conversation
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
It's the end of the day on Thursday. CodeQL passed for C++ for the first time. I'm off tomorrow (Friday) and I'll be back on Monday. I'll pick this up next week and continue my investigation. |
.github/workflows/codeql-daily.yml
Outdated
| # Explicitly define which C++ file we're interested in | ||
| $sourceDir = "etw/native/src/main/cpp" | ||
| $headerDir = "etw/native/src/main/headers" | ||
| $cppFile = "$sourceDir/etw_provider.cpp" |
There was a problem hiding this comment.
All the C++ files in this repo exist in this directory:
https://github.com/microsoft/ApplicationInsights-Java/tree/main/etw/native/src/main
TimothyMothra
requested review from
harsimar,
jeanbisutti,
rajkumar-rangaraj,
ramthi and
trask
as code owners
…crosoft/ApplicationInsights-Java into tilee/202505_testingCodeQLfix
| languages: cpp | ||
| debug: true | ||
|
|
||
| - name: Build C++ code |
There was a problem hiding this comment.
maybe worth adding a comment here about why the normal compilation of C++ code that we do via gradle doesn't get picked up by codeql?
3 participants
This change adds C++ to the CodeQL workflow.
This task creates a temporary file that is used to compile each of the C++ files.
This step passes when running as part of the PR. I need it to run on the main branch to test if it resolves our CodeQL compliance.