codeql-analysis.yml 1.9 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. # Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  2. #
  3. # SPDX-License-Identifier: curl
  4. name: CodeQL
  5. 'on':
  6. push:
  7. branches:
  8. - master
  9. - '*/ci'
  10. paths-ignore:
  11. - '**/*.md'
  12. - '.circleci/**'
  13. - 'appveyor.*'
  14. - 'docs/**'
  15. - 'packages/**'
  16. - 'plan9/**'
  17. - 'projects/**'
  18. - 'tests/data/**'
  19. - 'winbuild/**'
  20. pull_request:
  21. branches:
  22. - master
  23. paths-ignore:
  24. - '**/*.md'
  25. - '.circleci/**'
  26. - 'appveyor.*'
  27. - 'docs/**'
  28. - 'packages/**'
  29. - 'plan9/**'
  30. - 'projects/**'
  31. - 'tests/data/**'
  32. - 'winbuild/**'
  33. schedule:
  34. - cron: '0 0 * * 4'
  35. concurrency:
  36. group: ${{ github.workflow }}
  37. permissions: {}
  38. jobs:
  39. codeql:
  40. runs-on: ubuntu-latest
  41. permissions:
  42. security-events: write
  43. steps:
  44. - name: Checkout repository
  45. uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4
  46. # Initializes the CodeQL tools for scanning.
  47. - name: Initialize CodeQL
  48. uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3
  49. with:
  50. languages: cpp
  51. queries: security-extended
  52. # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
  53. # If this step fails, then you should remove it and run the build manually (see below)
  54. - name: Autobuild
  55. uses: github/codeql-action/autobuild@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3
  56. # ℹ️ Command-line programs to run using the OS shell.
  57. # 📚 https://git.io/JvXDl
  58. # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
  59. # and modify them (or add more) to build your code if your project
  60. # uses a compiled language
  61. # - run: |
  62. # make bootstrap
  63. # make release
  64. - name: Perform CodeQL Analysis
  65. uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3