Merge pull request #40 from microsoft/u/sgriffin/codeql

U/sgriffin/codeql

Author: stephenegriffin

.github/workflows/codeql.yml

@@ -7,16 +7,11 @@ on:
   pull_request:
     branches: [ "main" ]
   schedule:
-    - cron: '33 1 * * 2'
+    - cron: '33 1 * * 2' # Run at 1:33 on Tuesdays
 
 jobs:
   analyze:
     name: Analyze (${{ matrix.language }})
-    # Runner size impacts CodeQL analysis time. To learn more, please see:
-    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
-    #   - https://gh.io/supported-runners-and-hardware-resources
-    #   - https://gh.io/using-larger-runners (GitHub.com only)
-    # Consider using larger runners or machines with greater resources for possible analysis time improvements.
     runs-on: windows-latest
     permissions:
       packages: read
@@ -54,8 +49,8 @@ jobs:
           # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
           # queries: security-extended,security-and-quality
 
-      # - name: Autobuild
-      #   uses: github/codeql-action/autobuild@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
 
       - name: Perform CodeQL Analysis
         id: analyze
@@ -66,4 +61,4 @@ jobs:
       - name: Upload CodeQL Analysis Results
         uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
-          path: ${{ steps.analyze.outputs.sarif-output }}
+          path: ${{ steps.analyze.outputs.sarif-output }}

.github/workflows/github-ci.yml

@@ -32,29 +32,12 @@ jobs:
       with:
         submodules: 'recursive'
 
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
-      with:
-        languages: "cpp"
-
     - name: "Build"
       shell: pwsh
       run: |
         $path = & "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -latest -property installationPath
         & $path\MSBuild\Current\Bin\amd64\msbuild.exe /m /p:Configuration="${{matrix.configuration}}" /p:Platform="${{matrix.platform}}" mapistub.sln
 
-    - name: Perform CodeQL Analysis
-      id: analyze
-      uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
-      with:
-        category: "/language:cpp"
-
-    - name: Upload CodeQL Analysis Results
-      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
-      with:
-        name: codeql-results-${{ matrix.configuration }}-${{ matrix.platform }}
-        path: ${{ steps.analyze.outputs.sarif-output }}
-
   publish-test-results:
     name: "Publish Tests Results"
     needs: build