diff options
Diffstat (limited to '.github/workflows/codeql-analysis.yml')
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 78 |
1 files changed, 0 insertions, 78 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index b4a5b55dd..000000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null | |||
@@ -1,78 +0,0 @@ | |||
1 | name: CodeQL | ||
2 | |||
3 | on: | ||
4 | push: | ||
5 | paths: | ||
6 | - 'm4/**' | ||
7 | - 'src/**.c' | ||
8 | - 'src/**.h' | ||
9 | - 'src/**.mk' | ||
10 | - 'src/**Makefile' | ||
11 | - .github/workflows/codeql-analysis.yml | ||
12 | - Makefile | ||
13 | - ci/printenv.sh | ||
14 | - config.mk.in | ||
15 | - config.sh.in | ||
16 | - configure | ||
17 | - configure.ac | ||
18 | pull_request: | ||
19 | paths: | ||
20 | - 'm4/**' | ||
21 | - 'src/**.c' | ||
22 | - 'src/**.h' | ||
23 | - 'src/**.mk' | ||
24 | - 'src/**Makefile' | ||
25 | - .github/workflows/codeql-analysis.yml | ||
26 | - Makefile | ||
27 | - ci/printenv.sh | ||
28 | - config.mk.in | ||
29 | - config.sh.in | ||
30 | - configure | ||
31 | - configure.ac | ||
32 | schedule: | ||
33 | - cron: '0 7 * * 2' | ||
34 | |||
35 | permissions: # added using https://github.com/step-security/secure-workflows | ||
36 | contents: read | ||
37 | |||
38 | jobs: | ||
39 | analyze: | ||
40 | permissions: | ||
41 | actions: read | ||
42 | contents: read | ||
43 | security-events: write | ||
44 | name: Analyze | ||
45 | runs-on: ubuntu-latest | ||
46 | |||
47 | steps: | ||
48 | - name: Harden Runner | ||
49 | uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 | ||
50 | with: | ||
51 | disable-sudo: true | ||
52 | egress-policy: block | ||
53 | allowed-endpoints: > | ||
54 | api.github.com:443 | ||
55 | github.com:443 | ||
56 | objects.githubusercontent.com:443 | ||
57 | uploads.github.com:443 | ||
58 | |||
59 | - name: Checkout repository | ||
60 | uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 | ||
61 | |||
62 | - name: print env | ||
63 | run: ./ci/printenv.sh | ||
64 | |||
65 | # Initializes the CodeQL tools for scanning. | ||
66 | - name: Initialize CodeQL | ||
67 | uses: github/codeql-action/init@5b6282e01c62d02e720b81eb8a51204f527c3624 | ||
68 | with: | ||
69 | languages: cpp | ||
70 | |||
71 | - name: configure | ||
72 | run: ./configure | ||
73 | |||
74 | - name: make | ||
75 | run: make -j "$(nproc)" | ||
76 | |||
77 | - name: Perform CodeQL Analysis | ||
78 | uses: github/codeql-action/analyze@5b6282e01c62d02e720b81eb8a51204f527c3624 | ||