updated README

Shadi Samadi · Shadi Samadi · commit ad2b50fb6aea · 2024-12-05T16:34:15.000+11:00
diff --git a/README.md b/README.md
@@ -29,7 +29,7 @@ on:
 jobs:
   analyze:
     name: Analyze (${{ matrix.language }})
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    runs-on: ubuntu-latest
     permissions:
       security-events: write
       packages: read
@@ -42,59 +42,37 @@ jobs:
         include:
         - language: go
           build-mode: autobuild
-        - language: java-kotlin
-          build-mode: none 
-        - language: javascript-typescript
-          build-mode: none
-        - language: python
-          build-mode: none
+          query: codeql/go-queries:AlertSuppression.ql        
 
     steps:
     - name: Checkout repository
       uses: actions/checkout@v4
 
-    - name: Map Languages
-      run: |
-        if [ "${{ matrix.language }}" == "java-kotlin" ]; then
-          echo "language=java" >> $GITHUB_ENV
-        elif [ "${{ matrix.language }}" == "javascript-typescript" ]; then
-          echo "language=javascript" >> $GITHUB_ENV
-        else
-          echo "language=${{ matrix.language }}" >> $GITHUB_ENV
-        fi
-
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
-        packs: "codeql/${{ env.language }}-queries:AlertSuppression.ql"
-    
-    - if: matrix.build-mode == 'manual'
-      shell: bash
-      run: |
-        echo 'If you are using a "manual" build mode for one or more of the' \
-          'languages you are analyzing, replace this with the commands to build' \
-          'your code, for example:'
-        echo '  make bootstrap'
-        echo '  make release'
-        exit 1
+        packs: ${{ matrix.query }}
 
     - name: Perform CodeQL Analysis
+      # define an 'id' for the analysis step
       id: analyze
       uses: github/codeql-action/analyze@v2
       with:
         category: "/language:${{matrix.language}}"
+        # define the output folder for SARIF files
         output: sarif-results
         
     - name: Dismiss alerts
       if: github.ref == 'refs/heads/main'
-      uses: advanced-security/dismiss-alerts@main
+      uses: advanced-security/dismiss-alerts@v2
       with:
+         # specify a 'sarif-id' and 'sarif-file'
         sarif-id: ${{ steps.analyze.outputs.sarif-id }}
-        sarif-file: sarif-results/${{ env.language }}.sarif
+        sarif-file: sarif-results/${{ matrix.language }}.sarif
       env:
-        GITHUB_TOKEN: ${{ github.token }
+        GITHUB_TOKEN: ${{ github.token }}
 ```
 
 ### Third party produced SARIF file 
