Home Explore Help
Sign In
SMusatov
/
yt-dlp
mirror of https://github.com/yt-dlp/yt-dlp.git
1
0
Fork 0
Files Wiki
Tree: 4862a29854
Branches Tags
yt-dlp
/
.github
/
workflows
/
codeql.yml

codeql.yml 2.5 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. name: "CodeQL"
    2. 

  2. 

  3. on:
    4. 

  4.   push:
    5. 

  5.     branches: [ 'master', 'gh-pages', 'release' ]
    6. 

  6.   pull_request:
    7. 

  7.     # The branches below must be a subset of the branches above
    8. 

  8.     branches: [ 'master' ]
    9. 

  9.   schedule:
    10. 

  10.     - cron: '59 11 * * 5'
    11. 

  11. 

  12. jobs:
    13. 

  13.   analyze:
    14. 

  14.     name: Analyze
    15. 

  15.     runs-on: ubuntu-latest
    16. 

  16.     permissions:
    17. 

  17.       actions: read
    18. 

  18.       contents: read
    19. 

  19.       security-events: write
    20. 

  20. 

  21.     strategy:
    22. 

  22.       fail-fast: false
    23. 

  23.       matrix:
    24. 

  24.         language: [ 'python' ]
    25. 

  25.         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
    26. 

  26.         # Use only 'java' to analyze code written in Java, Kotlin or both
    27. 

  27.         # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
    28. 

  28.         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
    29. 

  29. 

  30.     steps:
    31. 

  31.     - name: Checkout repository
    32. 

  32.       uses: actions/checkout@v4
    33. 

  33. 

  34.     # Initializes the CodeQL tools for scanning.
    35. 

  35.     - name: Initialize CodeQL
    36. 

  36.       uses: github/codeql-action/init@v2
    37. 

  37.       with:
    38. 

  38.         languages: ${{ matrix.language }}
    39. 

  39.         # If you wish to specify custom queries, you can do so here or in a config file.
    40. 

  40.         # By default, queries listed here will override any specified in a config file.
    41. 

  41.         # Prefix the list here with "+" to use these queries and those in the config file.
    42. 

  42. 

  43.         # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
    44. 

  44.         # queries: security-extended,security-and-quality
    45. 

  45. 

  46. 

  47.     # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
    48. 

  48.     # If this step fails, then you should remove it and run the build manually (see below)
    49. 

  49.     - name: Autobuild
    50. 

  50.       uses: github/codeql-action/autobuild@v2
    51. 

  51. 

  52.     # ℹ️ Command-line programs to run using the OS shell.
    53. 

  53.     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
    54. 

  54. 

  55.     #   If the Autobuild fails above, remove it and uncomment the following three lines.
    56. 

  56.     #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
    57. 

  57. 

  58.     # - run: |
    59. 

  59.     #     echo "Run, Build Application using script"
    60. 

  60.     #     ./location_of_script_within_repo/buildscript.sh
    61. 

  61. 

  62.     - name: Perform CodeQL Analysis
    63. 

  63.       uses: github/codeql-action/analyze@v2
    64. 

  64.       with:
    65. 

  65.         category: "/language:${{matrix.language}}"
    66.