Skip to content

ci(repo): fix CodeQL workflow - Rust needs build-mode none #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
saagpatel merged 1 commit into from
Apr 21, 2026
Merged

ci(repo): fix CodeQL workflow - Rust needs build-mode none #45

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 6 additions & 24 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,30 +28,21 @@ jobs:
- language: javascript-typescript
build-mode: none
- language: rust
build-mode: manual
# Rust support in CodeQL only accepts build-mode: none at this time;
# the extractor runs from source without a project-specific build step.
build-mode: none
steps:
- name: Checkout
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5

- name: Setup pnpm
if: matrix.language == 'javascript-typescript'
uses: pnpm/action-setup@c5ba7f7862a0f64c1b1a05fbac13e0b8e86ba08c
with:
version: 10.28.1

- name: Setup Node.js
if: matrix.language == 'javascript-typescript'
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
with:
node-version: "20"
cache: "pnpm"
cache-dependency-path: pnpm-lock.yaml

- name: Install Rust
if: matrix.language == 'rust'
uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9
with:
toolchain: stable
# Deliberately no `cache: "pnpm"` here: build-mode: none does not run
# `pnpm install`, so a cache-save step at teardown fails with "Path(s)
# specified ... do(es) not exist".

- name: Initialize CodeQL
uses: github/codeql-action/init@865f5f5c36632f18690a3d569fa0a764f2da0c3e
Expand All @@ -60,15 +51,6 @@ jobs:
build-mode: ${{ matrix.build-mode }}
queries: security-extended

- name: Build Rust (manual mode)
if: matrix.language == 'rust'
working-directory: src-tauri
# CodeQL's manual build mode needs compilation to extract Rust code.
# Skip the Tauri lib context requirement by building just cargo crates
# relevant to analysis.
run: |
cargo build --all-targets --locked || cargo build --locked

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@865f5f5c36632f18690a3d569fa0a764f2da0c3e
with:
Expand Down
Loading