From beb3839c6d1d9b4fb977b15e35a5f5bf99a8f74c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 24 Feb 2024 19:26:09 +0000
Subject: [PATCH] Remove CodeQL scans
---
.github/workflows/codeql-security-scan.yml | 32 ----------------
.github/workflows/ossar-analysis.yml | 43 ----------------------
2 files changed, 75 deletions(-)
delete mode 100644 .github/workflows/codeql-security-scan.yml
delete mode 100644 .github/workflows/ossar-analysis.yml
diff --git a/.github/workflows/codeql-security-scan.yml b/.github/workflows/codeql-security-scan.yml
deleted file mode 100644
index ef0eef6..0000000
--- a/.github/workflows/codeql-security-scan.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-name: "CodeQL scanning"
-on:
- push:
- pull_request:
- schedule:
- - cron: '0 8 * * 3'
-
-jobs:
- build:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- with:
- # We must fetch at least the immediate parents so that if this is
- # a pull request then we can checkout the head.
- fetch-depth: 2
-
- # If this run was triggered by a pull request event, then checkout
- # the head of the pull request instead of the merge commit.
- - run: git checkout HEAD^2
- if: ${{ github.event_name == 'pull_request' }}
-
- # Initializes the CodeQL tools for scanning.
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v2
- # Override language selection by uncommenting this and choosing your languages
- with:
- languages: python
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml
deleted file mode 100644
index 792b1f0..0000000
--- a/.github/workflows/ossar-analysis.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-# This workflow integrates a collection of open source static analysis tools
-# with GitHub code scanning. For documentation, or to provide feedback, visit
-# https://github.com/github/ossar-action
-name: OSSAR
-on:
- push:
- pull_request:
-
-jobs:
- scan:
- # OSSAR runs on windows-latest.
- # ubuntu-latest and macos-latest support coming soon
- runs-on: windows-latest
- steps:
- # Checkout your code repository to scan
- - name: Checkout repository
- uses: actions/checkout@v4
- with:
- # We must fetch at least the immediate parents so that if this is
- # a pull request then we can checkout the head.
- fetch-depth: 2
-
- # If this run was triggered by a pull request event, then checkout
- # the head of the pull request instead of the merge commit.
- - run: git checkout HEAD^2
- if: ${{ github.event_name == 'pull_request' }}
-
- # Install dotnet, used by OSSAR
- - name: Install .NET
- uses: actions/setup-dotnet@v4
- with:
- dotnet-version: '6.x'
-
- # Run open source static analysis tools
- - name: Run OSSAR
- uses: github/ossar-action@v1
- id: ossar
-
- # Upload results to the Security tab
- - name: Upload OSSAR results
- uses: github/codeql-action/upload-sarif@v1
- with:
- sarif_file: ${{ steps.ossar.outputs.sarifFile }}