Do not run CodeQL on dependabot PRs

2022-10-16 22:44:15 -07:00 · 2022-10-16 22:44:15 -07:00 · fb6a9656a1
commit fb6a9656a1
parent 0d7292ec73
1 changed files with 2 additions and 1 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -25,7 +25,8 @@ jobs:

    # CodeQL runs on ubuntu-latest and windows-latest
    runs-on: ubuntu-latest
-    if: ${{ !contains(github.event.head_commit.message, '[DOC]') && !contains(github.event.pull_request.labels.*.name, 'Documentation') }}
+    # CodeQL fails to run pull requests from dependabot due to missing write access to upload results.
+    if: ${{ !contains(github.event.head_commit.message, '[DOC]') && !contains(github.event.pull_request.labels.*.name, 'Documentation') && github.event.head_commit.pusher.name != 'dependabot[bot]' }}

    env:
      enable_install_doc: no