codeql-analysis.yml 2.1 KB

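  # CodeQL code-scanning workflow: runs on pushes and pull requests that target
  # main, and on a weekly schedule. Results are uploaded as code-scanning
  # alerts, which is why the job needs `security-events: write`.
  name: "CodeQL analysis"

  on:
    push:
      branches: [main]
    pull_request:
      branches: [main]
    schedule:
      # ┌───────────── minute (0 - 59)
      # │ ┌───────────── hour (0 - 23)
      # │ │ ┌───────────── day of the month (1 - 31)
      # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC)
      # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT)
      # │ │ │ │ │
      # │ │ │ │ │
      # │ │ │ │ │
      # * * * * *
      # Minute 30, hour 1, day-of-week 0: once a week, on Sunday at 01:30.
      - cron: '30 1 * * 0'

  jobs:
    analyze:
      name: Analyze
      # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
      runs-on: ubuntu-latest
      # Token scopes are declared at job level, so GITHUB_TOKEN gets only the
      # three scopes listed here and nothing else for this job.
      permissions:
        # required for all workflows
        security-events: write
        # only required for workflows in private repositories
        actions: read
        contents: read
      steps:
        # NOTE(review): every `uses:` below references a mutable tag (v3 / v2).
        # Pinning each action to a full commit SHA, e.g.
        # `actions/checkout@<FULL_COMMIT_SHA>  # v3`, keeps a moved tag from
        # changing what runs in a job that holds `security-events: write`.
        - name: Checkout
          uses: actions/checkout@v3

        # Initializes the CodeQL tools for scanning.
        - name: Initialize CodeQL
          uses: github/codeql-action/init@v2
          with:
            # Run extended queries including queries using machine learning
            queries: security-extended
            # NOTE(review): no `strategy.matrix` is visible in this job, so
            # `matrix.language` presumably expands to an empty string and the
            # analyzed language set is not the explicit list this line implies.
            # Either add a matrix or name the languages here - confirm against
            # the full file.
            languages: ${{ matrix.language }}

        # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
        # If this step fails, then you should remove it and run the build manually (see below).
        - name: Autobuild
          uses: github/codeql-action/autobuild@v2

        # ℹ️ Command-line programs to run using the OS shell.
        # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

        # ✏️ If the Autobuild fails above, remove it and uncomment the following
        #    three lines and modify them (or add more) to build your code if your
        #    project uses a compiled language

        #- run: |
        #   make bootstrap
        #   make release

        - name: Perform CodeQL Analysis
          uses: github/codeql-action/analyze@v2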