From d7c3f1a86d2563d4a93c43fee03c6853726ae15e Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Tue, 12 Nov 2024 16:32:02 -0500
Subject: [PATCH 1/5] remoce codeql from ci so it's only in one workflow
---
 .github/workflows/github-ci.yml | 17 -----------------
 1 file changed, 17 deletions(-)
diff --git a/.github/workflows/github-ci.yml b/.github/workflows/github-ci.yml
index f6c56c7..e23c284 100644
--- a/.github/workflows/github-ci.yml
+++ b/.github/workflows/github-ci.yml
@@ -32,29 +32,12 @@ jobs:
 with:
 submodules: 'recursive'
- - name: Initialize CodeQL
- uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
- with:
- languages: "cpp"
-
 - name: "Build"
 shell: pwsh
 run: |
 $path = & "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -latest -property installationPath
 & $path\MSBuild\Current\Bin\amd64\msbuild.exe /m /p:Configuration="${{matrix.configuration}}" /p:Platform="${{matrix.platform}}" mapistub.sln
- - name: Perform CodeQL Analysis
- id: analyze
- uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
- with:
- category: "/language:cpp"
-
- - name: Upload CodeQL Analysis Results
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
- with:
- name: codeql-results-${{ matrix.configuration }}-${{ matrix.platform }}
- path: ${{ steps.analyze.outputs.sarif-output }}
-
 publish-test-results:
 name: "Publish Tests Results"
 needs: build
From ef9afcc9f4e6ad62f0e2bf7b9498c4c442a79a60 Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Tue, 12 Nov 2024 16:34:19 -0500
Subject: [PATCH 2/5] add autobuild back to codeql
---
 .github/workflows/codeql.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9581da7..076845d 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -7,7 +7,7 @@ on:
 pull_request:
 branches: [ "main" ]
 schedule:
- - cron: '33 1 * * 2'
+ - cron: '33 1 * * 2' # Run at 1:33 on Tuesdays
 jobs:
 analyze:
@@ -54,8 +54,8 @@ jobs:
 # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
 # queries: security-extended,security-and-quality
- # - name: Autobuild
- # uses: github/codeql-action/autobuild@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
 - name: Perform CodeQL Analysis
 id: analyze
From 0060e81a4453f591922a34b86158c28025170835 Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Wed, 13 Nov 2024 08:27:11 -0500
Subject: [PATCH 3/5] merge with main
---
 .github/workflows/codeql.yml | 4 ++--
 .github/workflows/devskim.yml | 2 +-
 .github/workflows/github-ci.yml | 17 +++++++++++++++++
 .github/workflows/scorecards.yml | 2 +-
 4 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 076845d..c4d0625 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -43,7 +43,7 @@ jobs:
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
- uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -59,7 +59,7 @@ jobs:
 - name: Perform CodeQL Analysis
 id: analyze
- uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
 with:
 category: "/language:${{matrix.language}}"
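Review bot: The Autobuild step enabled in the second hunk sits next to an init step that already passes `build-mode: ${{ matrix.build-mode }}` (visible as context in PATCH 3's hunk at codeql.yml line 43), and with a build mode set the analyze action is expected to drive the build itself, so keeping a separate `github/codeql-action/autobuild` step likely means a second, redundant build, or a conflict when the matrix selects `manual`; confirm what `matrix.build-mode` holds before relying on both. Because this series also drops CodeQL from the CI workflow (PATCH 1 and PATCH 5), this autobuild becomes the only build CodeQL sees, and an autobuild of the solution on windows-latest may not reproduce the explicit `/p:Configuration` and `/p:Platform` values the CI build passes to msbuild, so some matrix configurations could go unanalyzed; comparing the detected build in the analysis log against the CI matrix would settle that. The `analyze` job and its `steps:` list begin outside the hunk.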
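Review bot: The hunks at codeql.yml lines 43 and 59 move init and analyze to 396bb3e45325a47dd9ef434068033c6d5bb0d11a (v3.27.3), but the Autobuild step enabled in PATCH 2 between them stays at 4f3212b61783c3c68e8309a0f18a699764811cda (v3.27.1), leaving two codeql-action versions in one workflow; pinned steps of the same action should move together, so the autobuild line should read `uses: github/codeql-action/autobuild@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3`. The same bump is applied to devskim.yml and scorecards.yml in this commit, so the omission appears limited to codeql.yml. The step list containing these lines begins outside the hunk.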
diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
index 32d473f..7f65349 100644
--- a/.github/workflows/devskim.yml
+++ b/.github/workflows/devskim.yml
@@ -29,7 +29,7 @@ jobs:
 uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14
 - name: Upload DevSkim scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
 with:
 sarif_file: devskim-results.sarif
diff --git a/.github/workflows/github-ci.yml b/.github/workflows/github-ci.yml
index e23c284..f6c56c7 100644
--- a/.github/workflows/github-ci.yml
+++ b/.github/workflows/github-ci.yml
@@ -32,12 +32,29 @@ jobs:
 with:
 submodules: 'recursive'
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ with:
+ languages: "cpp"
+
 - name: "Build"
 shell: pwsh
 run: |
 $path = & "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -latest -property installationPath
 & $path\MSBuild\Current\Bin\amd64\msbuild.exe /m /p:Configuration="${{matrix.configuration}}" /p:Platform="${{matrix.platform}}" mapistub.sln
+ - name: Perform CodeQL Analysis
+ id: analyze
+ uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ with:
+ category: "/language:cpp"
+
+ - name: Upload CodeQL Analysis Results
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+ with:
+ name: codeql-results-${{ matrix.configuration }}-${{ matrix.platform }}
+ path: ${{ steps.analyze.outputs.sarif-output }}
+
 publish-test-results:
 name: "Publish Tests Results"
 needs: build
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 859bd84..9e14b0f 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
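Review bot: The CodeQL steps re-added in the github-ci.yml hunk are the ones PATCH 1 deleted and PATCH 5 deletes again, so across the series this merge commit reintroduces 17 lines that never survive; rebasing or squashing so the merge does not carry them would spare bisection a state in which both github-ci.yml and codeql.yml analyze cpp. While they are present, every matrix leg of `build` runs analyze with the same `category: "/language:cpp"` even though the artifact name is keyed by `matrix.configuration` and `matrix.platform`, so the code-scanning uploads from different legs would presumably supersede one another rather than appear per configuration. The re-added init and analyze steps also pin 4f3212b61783c3c68e8309a0f18a699764811cda (v3.27.1) while this same commit moves the other workflows to v3.27.3. The `build` job's steps list begins outside the hunk.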
@@ -71,6 +71,6 @@ jobs:
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
+ uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
 with:
 sarif_file: results.sarif
From ff771a0b370526aabd99b32bd850c075c568ad03 Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Wed, 13 Nov 2024 09:16:24 -0500
Subject: [PATCH 4/5] Update codeql.yml
---
 .github/workflows/codeql.yml | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c4d0625..4dd715f 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -12,11 +12,6 @@ on:
 jobs:
 analyze:
 name: Analyze (${{ matrix.language }})
- # Runner size impacts CodeQL analysis time. To learn more, please see:
- # - https://gh.io/recommended-hardware-resources-for-running-codeql
- # - https://gh.io/supported-runners-and-hardware-resources
- # - https://gh.io/using-larger-runners (GitHub.com only)
- # Consider using larger runners or machines with greater resources for possible analysis time improvements.
 runs-on: windows-latest
 permissions:
 packages: read
@@ -66,4 +61,4 @@ jobs:
 - name: Upload CodeQL Analysis Results
 uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 with:
- path: ${{ steps.analyze.outputs.sarif-output }}
\ No newline at end of file
+ path: ${{ steps.analyze.outputs.sarif-output }}
From 619f6c670a5a490d36ff4ee67c5cb2c283bdf809 Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Wed, 13 Nov 2024 09:26:48 -0500
Subject: [PATCH 5/5] rekill codeql from ci
---
 .github/workflows/github-ci.yml | 17 -----------------
 1 file changed, 17 deletions(-)
diff --git a/.github/workflows/github-ci.yml b/.github/workflows/github-ci.yml
index 9cdbdf5..e23c284 100644
--- a/.github/workflows/github-ci.yml
+++ b/.github/workflows/github-ci.yml
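Review bot: The `path:` line rewritten in the PATCH 4 hunk at codeql.yml line 66 belongs to an `actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882` (v4.4.3) step with no `name:`, inside a job whose analysis is keyed by `matrix.language`; v4 of upload-artifact rejects a second upload to the same artifact name within one run, so if the language matrix ever holds more than one entry the later leg's upload would fail and that leg's SARIF copy would be lost. Adding `name: codeql-results-${{ matrix.language }}` under `with:` (the per-matrix naming github-ci.yml used) avoids the collision. The `analyze` job and its matrix definition begin outside the hunk.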
@@ -32,29 +32,12 @@ jobs:
 with:
 submodules: 'recursive'
- - name: Initialize CodeQL
- uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
- with:
- languages: "cpp"
-
 - name: "Build"
 shell: pwsh
 run: |
 $path = & "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -latest -property installationPath
 & $path\MSBuild\Current\Bin\amd64\msbuild.exe /m /p:Configuration="${{matrix.configuration}}" /p:Platform="${{matrix.platform}}" mapistub.sln
- - name: Perform CodeQL Analysis
- id: analyze
- uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
- with:
- category: "/language:cpp"
-
- - name: Upload CodeQL Analysis Results
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
- with:
- name: codeql-results-${{ matrix.configuration }}-${{ matrix.platform }}
- path: ${{ steps.analyze.outputs.sarif-output }}
-
 publish-test-results:
 name: "Publish Tests Results"
 needs: build