CodeQL #18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Based off of https://github.com/actions/reusable-workflows/blob/95d9656793415e47f574f7967f3850ea3bf5a7ed/.github/workflows/codeql-analysis.yml | |
| # This is modified to simplify the configuration for Spring Projects | |
| # This workflow helps to analyze repository code for vulnerabilities, bugs, and other errors using CodeQL. | |
| # For that CodeQL Action is used: https://github.com/github/codeql-action | |
| # Learn more about CodeQL at https://codeql.github.com/ | |
| name: CodeQL | |
| on: | |
| push: | |
| pull_request: | |
| workflow_dispatch: | |
| workflow_call: | |
| schedule: | |
| - cron: '39 13 * * 4' | |
| jobs: | |
| analyze: | |
| name: Analyze | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: 'actions' | |
| build-mode: 'none' | |
| # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs | |
| queries: security-extended,security-and-quality | |
| # We are only doing actions which does not require a build | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 |