From f0f94f25400caf1304d817d7eb2751b94269872f Mon Sep 17 00:00:00 2001
From: Rip&Tear <84775494+theCyberTech@users.noreply.github.com>
Date: Mon, 6 Oct 2025 08:21:51 +0800
Subject: [PATCH] fix: add CodeQL configuration to properly exclude template directories (#3641)
---
 .github/codeql/codeql-config.yml | 21 +++++++++++++++++++++
 .github/workflows/codeql.yml | 1 +
 2 files changed, 22 insertions(+)
 create mode 100644 .github/codeql/codeql-config.yml
diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 000000000..ac87b85a4
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,21 @@
+name: "CodeQL Config"
+
+paths-ignore:
+ # Ignore template files - these are boilerplate code that shouldn't be analyzed
+ - "src/crewai/cli/templates/**"
+ # Ignore test cassettes - these are test fixtures/recordings
+ - "tests/cassettes/**"
+ # Ignore cache and build artifacts
+ - ".cache/**"
+ # Ignore documentation build artifacts
+ - "docs/.cache/**"
+
+paths:
+ # Include all Python source code
+ - "src/**"
+ # Include tests (but exclude cassettes)
+ - "tests/**"
+
+# Configure specific queries or packs if needed
+# queries:
+# - uses: security-and-quality
\ No newline at end of file
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index b2bd0d883..6e0bf7c24 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -73,6 +73,7 @@ jobs:
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
+ config-file: ./.github/codeql/codeql-config.yml
 # If you wish to specify custom queries, you can do so here or in a config file.
 # By default, queries listed here will override any specified in a config file.
 # Prefix the list here with "+" to use these queries and those in the config file.
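Review bot: The `paths:` allowlist in the new `codeql-config.yml` narrows the scan further than the commit title states: with only `src/**` and `tests/**` listed, everything outside those two trees drops out of analysis. If the workflow matrix (not visible here) includes a language whose files live elsewhere, for example workflow files under `.github/`, that coverage would likely be lost too. `paths-ignore` alone already achieves the stated exclusion, so consider removing the `paths:` block; as written it also makes the `.cache/**` and `docs/.cache/**` entries redundant, since they are outside the allowlist anyway. The comment on `src/crewai/cli/templates/**` says only that the code "shouldn't be analyzed"; because these templates are presumably scaffolded into generated projects and will now go unscanned, it should record the real reason and the compensating check, along the lines of `# Excluded because <reason>; covered instead by <check>`. The file also ends without a trailing newline.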
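Review bot: The added `config-file: ./.github/codeql/codeql-config.yml` line moves control of the scan scope into a repository file, and a local path is read from the checked-out ref, so an edit to `paths-ignore` in a pull request changes what is analysed for that same pull request. It would be worth covering `.github/codeql/` with CODEOWNERS or an equivalent review rule so that coverage reductions get a security review. A comment above the line such as `# Scan scope is defined in this file; changes need security review` would make that visible. The enclosing step begins outside the hunk, so the action version and the rest of the `with:` block were not reviewed.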