From a9501772c132b4a05ceeda142be9bb2ac35ffb38 Mon Sep 17 00:00:00 2001
From: Anders Kaseorg <anders@zulip.com>
Date: Wed, 4 Aug 2021 02:34:21 -0700
Subject: [PATCH] ci: Do not run CodeQL on Dependabot push events.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
---
 .github/workflows/codeql-analysis.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 41113f4055..6dac9a38b8 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,6 +1,10 @@
 name: "Code scanning"
 
-on: [push, pull_request]
+on:
+  push:
+    branches-ignore:
+      - dependabot/** # https://github.com/github/codeql-action/pull/435
+  pull_request: {}
 
 jobs:
   CodeQL: