From 9f3efb52537f19a41211c9346dfd03e898fee8fd Mon Sep 17 00:00:00 2001
From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com>
Date: Fri, 26 Feb 2021 16:43:38 -0500
Subject: [PATCH] Update CodeQL workflow for GitHub Actions

I noticed the following warning when looking at GHA workflow runs:

1 issue was detected with this workflow: git checkout HEAD^2 is no longer
necessary. Please remove this step as Code Scanning recommends analyzing the
merge commit for best results.

After looking into it I updated the workflow per this page on GitHub Docs:

https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-the-codeql-workflow#warning-git-checkout-head2-is-no-longer-necessary
---
 .github/workflows/codeql-analysis.yml | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 561e8c1..127ef08 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -33,15 +33,6 @@ jobs:
     steps:
       - name: Checkout repository
         uses: actions/checkout@v2
-        with:
-          # We must fetch at least the immediate parents so that if this is
-          # a pull request then we can checkout the head.
-          fetch-depth: 2
-
-      # If this run was triggered by a pull request event, then checkout
-      # the head of the pull request instead of the merge commit.
-      - run: git checkout HEAD^2
-        if: ${{ github.event_name == 'pull_request' }}
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL