mirror of
https://github.com/Kelsidavis/WoWee.git
synced 2026-05-24 23:33:53 +00:00
3cd360e8d6
All 61 open CodeQL alerts were in vendored third-party libraries (ImGui, miniaudio, stb_*). We do not modify upstream code, so these findings drown out signal in our own code without being actionable.
18 lines
795 B
YAML
18 lines
795 B
YAML
name: wowee-codeql-config
|
|
|
|
# Skip vendored third-party libraries. We do not modify upstream code in
|
|
# extern/ (ImGui, miniaudio, stb_*, etc.) — those projects own their own
|
|
# triage and accepting CodeQL findings there blocks our update path and
|
|
# drowns out signal in our own code.
|
|
paths-ignore:
|
|
- extern
|
|
|
|
# The WoW client protocol (world-socket header cipher) and Warden anti-cheat
|
|
# module protocol both mandate RC4. There is no way to replace RC4 with a
|
|
# stronger algorithm without breaking compatibility with all supported servers.
|
|
# All RC4 uses in this codebase are protocol-layer obligations, not choices.
|
|
# Exclude the weak-crypto query rather than leaving unfixable high-severity
|
|
# alerts that mislead triage.
|
|
query-filters:
|
|
- exclude:
|
|
id: cpp/weak-cryptographic-algorithm
|