From 50597685a2151906bc615c739252d49abb0a4b79 Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Mon, 3 Nov 2025 10:55:36 -0500 Subject: [PATCH 1/4] Add 'code-quality-extended' to query packs list --- misc/scripts/generate-code-scanning-query-list.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misc/scripts/generate-code-scanning-query-list.py b/misc/scripts/generate-code-scanning-query-list.py index 02d59c473ec7..e592875e4bd3 100755 --- a/misc/scripts/generate-code-scanning-query-list.py +++ b/misc/scripts/generate-code-scanning-query-list.py @@ -31,7 +31,7 @@ # Define which languages and query packs to consider languages = [ "actions", "cpp", "csharp", "go", "java", "javascript", "python", "ruby", "rust", "swift" ] -packs = [ "code-scanning", "security-and-quality", "security-extended", "security-experimental", "code-quality"] +packs = [ "code-scanning", "security-and-quality", "security-extended", "security-experimental", "code-quality", "code-quality-extended"] class CodeQL: def __init__(self): From 4346c61e976b8463c635aea17e9c2a7d1a05a841 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 3 Nov 2025 16:19:07 +0000 Subject: [PATCH 2/4] Initial plan From 7b6b703d06f58e4a55609f535c7d8165e4e7dc1d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 3 Nov 2025 16:31:04 +0000 Subject: [PATCH 3/4] Add quality tag to Actions maintainability query Co-authored-by: felickz <1760475+felickz@users.noreply.github.com> --- .../CodeQL/UnnecessaryUseOfAdvancedConfig.ql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql index dc65fab292b3..f6af52fd83fa 100644 
--- a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql +++ b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql @@ -5,8 +5,9 @@ * @problem.severity recommendation * @precision high * @id actions/unnecessary-use-of-advanced-config - * @tags actions + * @tags quality * maintainability + * actions */ import codeql.actions.Violations_Of_Best_Practices.DefaultableCodeQLInitiatlizeActionQuery From 0fc25029bb6cf208300609af320b397d18c18918 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 3 Nov 2025 16:46:56 +0000 Subject: [PATCH 4/4] Revert query file change and fix script to handle empty code-quality-extended suites Co-authored-by: felickz <1760475+felickz@users.noreply.github.com> --- .../CodeQL/UnnecessaryUseOfAdvancedConfig.ql | 3 +-- misc/scripts/generate-code-scanning-query-list.py | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql index f6af52fd83fa..dc65fab292b3 100644 --- a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql +++ b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql @@ -5,9 +5,8 @@ * @problem.severity recommendation * @precision high * @id actions/unnecessary-use-of-advanced-config - * @tags quality + * @tags actions * maintainability - * actions */ import codeql.actions.Violations_Of_Best_Practices.DefaultableCodeQLInitiatlizeActionQuery diff --git a/misc/scripts/generate-code-scanning-query-list.py b/misc/scripts/generate-code-scanning-query-list.py index e592875e4bd3..24ed1d5de004 100755 --- a/misc/scripts/generate-code-scanning-query-list.py +++ b/misc/scripts/generate-code-scanning-query-list.py 
@@ -184,8 +184,8 @@ def subprocess_run(cmd): sys.exit("You can use '--ignore-missing-query-packs' to ignore this error") # Exception for the code-quality suites, which might be empty, but must be resolvable. - if pack == 'code-quality' and queries_subp == '': - print(f'Warning: skipping empty suite code-quality', file=sys.stderr) + if pack in ['code-quality', 'code-quality-extended'] and queries_subp == '': + print(f'Warning: skipping empty suite {pack}', file=sys.stderr) continue # Investigate metadata for every query by using 'codeql resolve metadata'
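Review bot: The packs that are allowed to resolve to an empty suite are now named inline in the condition (`pack in ['code-quality', 'code-quality-extended']`) and again in the `packs` list changed near line 34, so the two can drift apart when another quality suite is added. I would define the exemption once next to `packs`, e.g. `packs_allowed_empty = ("code-quality", "code-quality-extended")`, and test `if pack in packs_allowed_empty and queries_subp == '':`. A comment there should say that only quality suites belong in it, so that an empty security suite is never skipped with just a warning on stderr. The comparison with `''` is exact, and how `queries_subp` is produced is not visible in this hunk, so check there whether whitespace-only output can reach this test. The loop this check sits in starts and ends outside the hunk.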