[DSP, already shipped] Code scanning: Small update for change from head to merge commit for attribution (#16169)

hubwriter · web-flow · commit 6487712b152e · 2020-10-26T14:47:27.000Z
* Small update for change from head to merge commit for attribution

* Simplify the sentence about when codescan is run against PRs

Whether it does attribution using a comparison of the HEAD commit
or a merge into a temporary copy of the default branch
is too much information here.
diff --git a/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md b/content/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning.md
@@ -48,7 +48,7 @@ By default, the {% data variables.product.prodname_codeql_workflow %} uses the `
 
 #### Scanning pull requests
 
-The default {% data variables.product.prodname_codeql_workflow %} uses the `pull_request` event to trigger a code scan on the `HEAD` commit of a pull request against the default branch. {% if currentVersion ver_gt "enterprise-server@2.21" %}The `pull_request` event is not triggered if the pull request was opened from a private fork.{% else %}If a pull request is from a private fork, the `pull_request` event will only be triggered if you've selected the "Run workflows from fork pull requests" option in the repository settings. For more information, see "[Disabling or limiting {% data variables.product.prodname_actions %} for a repository](/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks)."{% endif %} 
+The default {% data variables.product.prodname_codeql_workflow %} uses the `pull_request` event to trigger a code scan on pull requests targeted against the default branch. {% if currentVersion ver_gt "enterprise-server@2.21" %}The `pull_request` event is not triggered if the pull request was opened from a private fork.{% else %}If a pull request is from a private fork, the `pull_request` event will only be triggered if you've selected the "Run workflows from fork pull requests" option in the repository settings. For more information, see "[Disabling or limiting {% data variables.product.prodname_actions %} for a repository](/github/administering-a-repository/disabling-or-limiting-github-actions-for-a-repository#enabling-workflows-for-private-repository-forks)."{% endif %} 
 
 For more information about the `pull_request` event, see "[Workflow syntax for {% data variables.product.prodname_actions %}](/actions/reference/workflow-syntax-for-github-actions#onpushpull_requestbranchestags)."
 
@@ -150,8 +150,6 @@ jobs:
     steps:
     - name: Checkout repository
       uses: actions/checkout@v2
-      with:
-        fetch-depth: 2
     - name: Set up Python
       uses: actions/setup-python@v2
       with:
@@ -165,8 +163,6 @@ jobs:
         # Set the `CODEQL-PYTHON` environment variable to the Python executable
         # that includes the dependencies
         echo "::set-env name=CODEQL_PYTHON::$(which python)"
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v1
       with:
