Browse Source
Merge pull request #1093 from lgtm-migrator/codeql
Add CodeQL workflow for GitHub code scanning
pull/1104/head
trapexit
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with
42 additions and
0 deletions
-
.github/workflows/codeql.yml
|
|
@ -0,0 +1,42 @@ |
|
|
|
name: "CodeQL" |
|
|
|
|
|
|
|
on: |
|
|
|
push: |
|
|
|
branches: [ "master" ] |
|
|
|
pull_request: |
|
|
|
branches: [ "master" ] |
|
|
|
schedule: |
|
|
|
- cron: "7 3 * * 6" |
|
|
|
|
|
|
|
jobs: |
|
|
|
analyze: |
|
|
|
name: Analyze |
|
|
|
runs-on: ubuntu-latest |
|
|
|
permissions: |
|
|
|
actions: read |
|
|
|
contents: read |
|
|
|
security-events: write |
|
|
|
|
|
|
|
strategy: |
|
|
|
fail-fast: false |
|
|
|
matrix: |
|
|
|
language: [ python, cpp ] |
|
|
|
|
|
|
|
steps: |
|
|
|
- name: Checkout |
|
|
|
uses: actions/checkout@v3 |
|
|
|
|
|
|
|
- name: Initialize CodeQL |
|
|
|
uses: github/codeql-action/init@v2 |
|
|
|
with: |
|
|
|
languages: ${{ matrix.language }} |
|
|
|
queries: +security-and-quality |
|
|
|
|
|
|
|
- name: Autobuild |
|
|
|
uses: github/codeql-action/autobuild@v2 |
|
|
|
if: ${{ matrix.language == 'python' || matrix.language == 'cpp' }} |
|
|
|
|
|
|
|
- name: Perform CodeQL Analysis |
|
|
|
uses: github/codeql-action/analyze@v2 |
|
|
|
with: |
|
|
|
category: "/language:${{ matrix.language }}" |