From 657691c2e0b3de4998fd7790a919af1f329fe7ae Mon Sep 17 00:00:00 2001 From: Dawei Huang Date: Wed, 18 Dec 2024 03:12:05 +0000 Subject: [PATCH] update comment. --- .github/workflows/codeql-analysis.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d2281487..79a81e88 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,8 @@ jobs: path: sonic-mgmt-common # Checkout the branch that is being merged into # This workflow has been audited, and no secrets or untrusted code are exposed to the pull_request_target trigger. - ref: ${{ github.event.pull_request.base.ref }} # nosemgrep: yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout + # nosemgrep: yaml.github-actions.security.pull-request-target-code-checkout.pull-request-target-code-checkout + ref: ${{ github.event.pull_request.base.ref }} # Update go.mod to use local sonic-mgmt-common. # This is the same hack used in the CI pipeline. See lgtm.yml.