Skip to content

Exclude playground and tests from CodeQL scanning#15177

Merged
joperezr merged 1 commit intomicrosoft:release/13.2from
joperezr:codeql-exclude-nonshipping
Mar 12, 2026
Merged

Exclude playground and tests from CodeQL scanning#15177
joperezr merged 1 commit intomicrosoft:release/13.2from
joperezr:codeql-exclude-nonshipping

Conversation

@joperezr
Copy link
Copy Markdown
Member

@joperezr joperezr commented Mar 12, 2026

Description

Add a .CodeQL.yml configuration file to exclude the playground/ and tests/ directories from CodeQL scanning. These directories contain sample and test code, not product code, so they don't need to be analyzed by CodeQL. This uses the path_classifiers mechanism to mark them as reference code.

Checklist

  • Is this feature complete?
    • Yes. Ready to ship.
    • No. Follow-up changes expected.
  • Are you including unit tests for the changes and scenario tests if relevant?
    • Yes
    • No
  • Did you add public API?
    • Yes
      • If yes, did you have an API Review for it?
        • Yes
        • No
      • Did you add <remarks /> and <code /> elements on your triple slash comments?
        • Yes
        • No
    • No
  • Does the change make any security assumptions or guarantees?
    • Yes
      • If yes, have you done a threat model and had a security review?
        • Yes
        • No
    • No
  • Does the change require an update in our Aspire docs?

@joperezr
Exclude playground and tests from CodeQL scanning
3bd2865 
These directories are not product code and don't need to be
scanned by CodeQL. Using path_classifiers to mark them as
reference code so they are excluded from analysis results.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@joperezr joperezr requested review from Copilot and eerhardt March 12, 2026 18:13
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 12, 2026

🚀 Dogfood this PR with:

⚠️ WARNING: Do not do this without first carefully reviewing the code of this PR to satisfy yourself it is safe.

curl -fsSL https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.sh | bash -s -- 15177

Or

  • Run remotely in PowerShell:
iex "& { $(irm https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.ps1) } 15177"

@joperezr joperezr enabled auto-merge (squash) March 12, 2026 18:16
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a repository-level CodeQL configuration to classify non-product directories as reference code so they’re not included in CodeQL scanning scope, reducing noise from sample and test sources.

Changes:

  • Introduces .CodeQL.yml with path_classifiers configuration.
  • Marks playground/** and tests/** as refs (reference code) for CodeQL.

You can also share your feedback on Copilot code review. Take the survey.

@github-actions github-actions bot mentioned this pull request Mar 12, 2026
Closed
@joperezr joperezr merged commit 3f8c6a5 into microsoft:release/13.2 Mar 12, 2026
504 of 508 checks passed
@dotnet-policy-service dotnet-policy-service bot added this to the 13.2 milestone Mar 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@radical radical radical approved these changes

@eerhardt eerhardt eerhardt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

13.2

Development

Successfully merging this pull request may close these issues.

4 participants

@joperezr @radical @eerhardt