CodeQL-Dependabot compatibility

mislav · mislav · commit dabaa5ad7ddd · 2021-10-11T11:27:54.000+02:00
Configure the CodeQL workflow to avoid running for pushes on all pull requests because that causes problems with Dependabot PRs. https://github.com/cli/cli/pull/4475/checks?check_run_id=3857074760
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -2,7 +2,11 @@ name: Code Scanning
 
 on:
   push:
+    branches: [trunk]
   pull_request:
+    branches: [trunk]
+    paths-ignore:
+      - '**/*.md'
   schedule:
     - cron: "0 0 * * 0"
 
