
CodeQL Synthetic Config - Add additional 3rd party paths to ignore

Open felickz opened this issue 1 year ago • 0 comments

This is currently the best reference that aggregates this list of installed/vendored dependency folders that cause CodeQL to report vulns in 3rd party code.

Ex: https://github.com/nodejs/node/tree/main/deps

Ref:

  • https://ghsecuritylab.slack.com/archives/CQJN6KQHX/p1718740573865399

felickz, Jul 23 '24 14:07