mirror of
https://github.com/facebook/docusaurus.git
synced 2026-06-28 03:30:14 -04:00
Sébastien Lorber
22 lines
669 B
YAML
22 lines
669 B
YAML
name: Docusaurus CodeQL config
|
|
|
|
paths-ignore:
|
|
- '**/__fixtures__/**'
|
|
- website/_dogfooding/_asset-tests/badSyntax.js
|
|
|
|
# We can disable various rules because Docusaurus has no runtime
|
|
# The inputs (files, CLI args) are usually controlled locally
|
|
query-filters:
|
|
# Many false positives
|
|
# Example: https://github.com/facebook/docusaurus/security/code-scanning/168
|
|
- exclude:
|
|
id: js/path-injection
|
|
# Many false positives
|
|
# Example: https://github.com/facebook/docusaurus/security/code-scanning/150
|
|
- exclude:
|
|
id: js/polynomial-redos
|
|
# - exclude:
|
|
# id: js/command-line-injection
|
|
# - exclude:
|
|
# id: js/indirect-command-line-injection
|