ci: switch to CodeQL Advanced Setup
- Add custom codeql.yml workflow - Configure to use codeql-config.yml - Exclude js/missing-rate-limiting rule (false positive) Rate limiting is implemented via @fastify/rate-limit plugin
This commit is contained in:
Daniel Volz
@@ -5,12 +5,13 @@ paths-ignore:
|
||||
- "**/node_modules/**"
|
||||
- "**/dist/**"
|
||||
- "**/*.test.ts"
|
||||
- "**/test/**"
|
||||
|
||||
# Query filters to suppress false positives
|
||||
# The rate limiting alerts are false positives because we use @fastify/rate-limit plugin
|
||||
# which CodeQL doesn't recognize. The plugin is registered globally in index.ts
|
||||
# and route-specific limits are applied via config.rateLimit option.
|
||||
query-filters:
|
||||
# Rate limiting IS implemented via @fastify/rate-limit plugin (registered in index.ts)
|
||||
# Route-specific limits are applied via config.rateLimit option
|
||||
# CodeQL doesn't recognize this Fastify-specific pattern
|
||||
- exclude:
|
||||
id: js/missing-rate-limiting
|
||||
# We use @fastify/rate-limit which CodeQL doesn't detect
|
||||
|
||||
|
||||
Reference in New Issue
Block a user