I had tried using paths-ignore that I read about from https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning, but it didn't help since they don't determine what files will be analyzed when the git action runs. I also came across this article https://josh-ops.com/posts/github-codeql-ignore-files/ that talks about using the filter-sarif action, but it isn't published to the marketplace. Any suggestions would be appreciated.
You can do this by creating a codeql-config.yml file and referencing it in your GitHub workflow file.
workflow file

```yaml
- uses: github/codeql-action/init@v3
  with:
    config-file: ./.github/codeql/codeql-config.yml
```

codeql-config.yml

```yaml
paths:
  - 'src'
paths-ignore:
  - '**/*.test.js'
  - '**/*.test.ts'
  - '**/*.test.tsx'
  - '**/__tests__/**'
```
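The question also mentions filtering the SARIF results after analysis (the filter-sarif approach). A sketch of that post-filtering step follows as an added example; it is not part of the question, the answer, or the filter-sarif action. The function names, the simplified glob matcher and the sample SARIF are assumptions constructed for illustration, and the matcher is not CodeQL's own.

```python
import re

# Patterns copied from the paths-ignore list in the answer above.
IGNORE_PATTERNS = ["**/*.test.js", "**/*.test.ts", "**/*.test.tsx", "**/__tests__/**"]


def glob_to_regex(pattern):
    """Simplified glob: '**/' = any directories, '**' = anything, '*' = one path segment."""
    parts = re.split(r"(\*\*/|\*\*|\*)", pattern)
    table = {"**/": "(?:.*/)?", "**": ".*", "*": "[^/]*"}
    return re.compile("".join(table.get(p, re.escape(p)) for p in parts) + r"\Z")


def result_uris(result):
    """Yield every file URI that a SARIF result points at."""
    for loc in result.get("locations", []):
        uri = loc.get("physicalLocation", {}).get("artifactLocation", {}).get("uri")
        if uri:
            yield uri


def filter_sarif(sarif, patterns=IGNORE_PATTERNS):
    """Drop results located only in ignored paths; return how many were removed."""
    regexes = [glob_to_regex(p) for p in patterns]
    removed = 0
    for run in sarif.get("runs", []):
        kept = []
        for result in run.get("results", []):
            uris = list(result_uris(result))
            # Results with no location are kept, so nothing is hidden by accident.
            if uris and all(any(r.match(u) for r in regexes) for u in uris):
                removed += 1
            else:
                kept.append(result)
        run["results"] = kept
    return removed


def sample_result(uri):
    # Constructed SARIF result for the demo (hypothetical rule id, not scanner output).
    return {"ruleId": "js/example-rule",
            "locations": [{"physicalLocation": {"artifactLocation": {"uri": uri}}}]}


SAMPLE = {"version": "2.1.0", "runs": [{"results": [sample_result(u) for u in (
    "src/app.js", "src/app.test.js", "src/__tests__/util.js", "src/components/Button.test.tsx")]}]}

if __name__ == "__main__":
    print("removed:", filter_sarif(SAMPLE))
    print("kept:", [next(result_uris(r)) for r in SAMPLE["runs"][0]["results"]])
```

A filter like this only changes which alerts are reported; the ignored files are still read during analysis.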