From dedc944c11044be08a8dcc0d178426e8148ca080 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 29 Sep 2025 22:59:18 +0000 Subject: [PATCH 1/4] Initial plan From c5fce6c027468361b251e8d2cde9d923a1df97a3 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 29 Sep 2025 23:03:15 +0000 Subject: [PATCH 2/4] Add config section to CodeQL workflow with query filters and paths-ignore Co-authored-by: mickeygousset <20031479+mickeygousset@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6c0df92..4649632 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,6 +39,16 @@ jobs: queries: +security-and-quality build-mode: none dependency-caching: true + config: | + query-filters: + - exclude: + id: java/missing-call-to-super-finalize + - exclude: + id: java/unread-local-variable + paths-ignore: + - '**/test/**' + - '**/tests/**' + - '**/*.test.java' # Autobuild attempts to build any compiled languages (Java, C#, Go, etc.) # If this step fails, remove it and run the build manually instead From 78bf8bc1ccb41ae636f970163b797313f558c346 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 29 Sep 2025 23:04:42 +0000 Subject: [PATCH 3/4] Add documentation comments to CodeQL config section Co-authored-by: mickeygousset <20031479+mickeygousset@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4649632..6229d96 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,6 +32,9 @@ jobs: java-version: '11' distribution: 'temurin' + # Initialize CodeQL with custom configuration + # - Excludes specific queries that may generate noise + # - Ignores test paths to focus on production code - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: From 69ef614c8696991b13fe7f394c8754d413cac4ff Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 29 Sep 2025 23:06:50 +0000 Subject: [PATCH 4/4] Fix test file pattern to match Maven naming convention Co-authored-by: mickeygousset <20031479+mickeygousset@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6229d96..c6704c0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -51,7 +51,8 @@ jobs: paths-ignore: - '**/test/**' - '**/tests/**' - - '**/*.test.java' + - '**/*Test.java' + - '**/*Tests.java' # Autobuild attempts to build any compiled languages (Java, C#, Go, etc.) # If this step fails, remove it and run the build manually instead