ruby-changes:74033
From: Takashi <ko1@a...>
Date: Mon, 17 Oct 2022 14:44:52 +0900 (JST)
Subject: [ruby-changes:74033] fb6a9656a1 (master): Do not run CodeQL on dependabot PRs
https://git.ruby-lang.org/ruby.git/commit/?id=fb6a9656a1 From fb6a9656a114cc9246b657cb4fa63313ef266fe0 Mon Sep 17 00:00:00 2001 From: Takashi Kokubun <takashikkbn@g...> Date: Sun, 16 Oct 2022 22:44:15 -0700 Subject: Do not run CodeQL on dependabot PRs --- .github/workflows/codeql-analysis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f9fa0a7449..d812517c9f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,7 +25,8 @@ jobs: https://github.com/ruby/ruby/blob/trunk/.github/workflows/codeql-analysis.yml#L25 # CodeQL runs on ubuntu-latest and windows-latest runs-on: ubuntu-latest - if: ${{ !contains(github.event.head_commit.message, '[DOC]') && !contains(github.event.pull_request.labels.*.name, 'Documentation') }} + # CodeQL fails to run pull requests from dependabot due to missing write access to upload results. + if: ${{ !contains(github.event.head_commit.message, '[DOC]') && !contains(github.event.pull_request.labels.*.name, 'Documentation') && github.event.head_commit.pusher.name != 'dependabot[bot]' }} env: enable_install_doc: no -- cgit v1.2.3 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/