diff options
author | Reiner Herrmann <reiner@reiner-h.de> | 2020-10-01 09:17:18 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-01 09:17:18 +0000 |
commit | 51f070ef2f2e949e3e7b4a6fdf3cd4f6822f7731 (patch) | |
tree | 858602d767a30ae71903fdaaed1549cf8f4daec9 /.github/workflows | |
parent | removing fork from ls.c in order to get firetools running the file manager (diff) | |
download | firejail-51f070ef2f2e949e3e7b4a6fdf3cd4f6822f7731.tar.gz firejail-51f070ef2f2e949e3e7b4a6fdf3cd4f6822f7731.tar.zst firejail-51f070ef2f2e949e3e7b4a6fdf3cd4f6822f7731.zip |
Create codeql-analysis.yml
Diffstat (limited to '.github/workflows')
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..a37bbb5c7 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml | |||
@@ -0,0 +1,71 @@ | |||
1 | # For most projects, this workflow file will not need changing; you simply need | ||
2 | # to commit it to your repository. | ||
3 | # | ||
4 | # You may wish to alter this file to override the set of languages analyzed, | ||
5 | # or to provide custom queries or build logic. | ||
6 | name: "CodeQL" | ||
7 | |||
8 | on: | ||
9 | push: | ||
10 | branches: [master] | ||
11 | pull_request: | ||
12 | # The branches below must be a subset of the branches above | ||
13 | branches: [master] | ||
14 | schedule: | ||
15 | - cron: '0 7 * * 2' | ||
16 | |||
17 | jobs: | ||
18 | analyze: | ||
19 | name: Analyze | ||
20 | runs-on: ubuntu-latest | ||
21 | |||
22 | strategy: | ||
23 | fail-fast: false | ||
24 | matrix: | ||
25 | # Override automatic language detection by changing the below list | ||
26 | # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] | ||
27 | language: ['cpp', 'python'] | ||
28 | # Learn more... | ||
29 | # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection | ||
30 | |||
31 | steps: | ||
32 | - name: Checkout repository | ||
33 | uses: actions/checkout@v2 | ||
34 | with: | ||
35 | # We must fetch at least the immediate parents so that if this is | ||
36 | # a pull request then we can checkout the head. | ||
37 | fetch-depth: 2 | ||
38 | |||
39 | # If this run was triggered by a pull request event, then checkout | ||
40 | # the head of the pull request instead of the merge commit. | ||
41 | - run: git checkout HEAD^2 | ||
42 | if: ${{ github.event_name == 'pull_request' }} | ||
43 | |||
44 | # Initializes the CodeQL tools for scanning. | ||
45 | - name: Initialize CodeQL | ||
46 | uses: github/codeql-action/init@v1 | ||
47 | with: | ||
48 | languages: ${{ matrix.language }} | ||
49 | # If you wish to specify custom queries, you can do so here or in a config file. | ||
50 | # By default, queries listed here will override any specified in a config file. | ||
51 | # Prefix the list here with "+" to use these queries and those in the config file. | ||
52 | # queries: ./path/to/local/query, your-org/your-repo/queries@main | ||
53 | |||
54 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). | ||
55 | # If this step fails, then you should remove it and run the build manually (see below) | ||
56 | - name: Autobuild | ||
57 | uses: github/codeql-action/autobuild@v1 | ||
58 | |||
59 | # âšī¸ Command-line programs to run using the OS shell. | ||
60 | # đ https://git.io/JvXDl | ||
61 | |||
62 | # âī¸ If the Autobuild fails above, remove it and uncomment the following three lines | ||
63 | # and modify them (or add more) to build your code if your project | ||
64 | # uses a compiled language | ||
65 | |||
66 | #- run: | | ||
67 | # make bootstrap | ||
68 | # make release | ||
69 | |||
70 | - name: Perform CodeQL Analysis | ||
71 | uses: github/codeql-action/analyze@v1 | ||