Don't run CodeQL if only minimized JavaScript was changed and fix some issues #6214
Conversation
Signed-off-by: Stefan Weil <[email protected]>
Signed-off-by: Stefan Weil <[email protected]>
Signed-off-by: Stefan Weil <[email protected]>
| @@ -15,6 +15,8 @@ on: | |||
| push: | |||
| pull_request: | |||
| branches: [ master ] | |||
| paths-ignore: | |||
| - '**/*_min.js' | |||
There was a problem hiding this comment.
This will hide any file ending of "_min.js" which must not be necessary a minimized JavaScript version of a bigger JavaScript file. Other minimized JavaScript files (f.e Kitodo/src/main/webapp/js/jquery-2.1.1.min.js or Kitodo/src/main/webapp/WEB-INF/resources/js/libs/wavesurfer/wavesurfer.esm.js) which have a other name schema for minimization will be checked still. If I would to ignore a file I would name it directly and not use a global big match pattern. But this is only my opinion and can be ignored if they did not right.
There was a problem hiding this comment.
I think jquery-2.1.1.min.js should be removed because it is a ten years old security risk. Maybe Kitodo can use the JQuery package which is part of Debian / Ubuntu (libjs-jquery 3.6.1 in Debian stable) if this is required.
|
I created a separate pull request #6242 for the missing override annotations. Hopefully this makes it easier to get some CodeQL issues fixed. |
It's not necessary to run CodeQL (and spend related resources like energy and time) for all kinds of file changes. Here changes of minimized JavaScript are ignored.
In addition some missing
@Overridetags are added to fix related CodeQL issues.