Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / e5f7cd0a60d0eeab84f7aeb35c13d3af7e50072e / . / .github / workflows / codeql-analysis.yml
blob: efd91a4de8b7c2b5c12830c5fd43cf4a9f2044d8 [file] [log] [blame]
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]1# For most projects, this workflow file will not need changing; you simply need
2# to commit it to your repository.
3#
4# You may wish to alter this file to override the set of languages analyzed,
5# or to provide custom queries or build logic.
6name: "CodeQL"
7
8on:
9 push:
10 branches: [master]
11 pull_request:
12 # The branches below must be a subset of the branches above
13 branches: [master]
14 schedule:
15 - cron: '0 18 * * 1'
16
Yegappan Lakshmanan7f4a6282021-12-25 11:20:30 +0000[diff] [blame]17# Cancels all previous workflow runs for pull requests that have not completed.
18concurrency:
19 # The concurrency group contains the workflow name and the branch name for
20 # pull requests or the commit hash for any other events.
21 group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
22 cancel-in-progress: true
23
Alex311df6b2022-09-26 15:52:46 +0100[diff] [blame]24permissions:
25 contents: read # to fetch code (actions/checkout)
26
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]27jobs:
28 analyze:
Alex311df6b2022-09-26 15:52:46 +0100[diff] [blame]29 permissions:
30 contents: read # to fetch code (actions/checkout)
31 security-events: write # (github/codeql-action/autobuild)
32
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]33 name: Analyze
34 runs-on: ubuntu-latest
35
36 strategy:
37 fail-fast: false
38 matrix:
39 # Override automatic language detection by changing the below list
40 # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
41 language: ['cpp', 'python']
42 # Learn more...
43 # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
44
45 steps:
Philip Hbfaa24f2022-06-01 21:26:34 +0100[diff] [blame]46 - name: Checkout repository from github
Philip H8a83ffd2022-05-20 17:19:06 +0100[diff] [blame]47 uses: actions/checkout@v3
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]48
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]49 # Initializes the CodeQL tools for scanning.
50 - name: Initialize CodeQL
Philip H8a83ffd2022-05-20 17:19:06 +0100[diff] [blame]51 uses: github/codeql-action/init@v2
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]52 with:
53 languages: ${{ matrix.language }}
54 # If you wish to specify custom queries, you can do so here or in a config file.
Bram Moolenaar89a9c152021-08-29 21:55:35 +0200[diff] [blame]55 # By default, queries listed here will override any specified in a config file.
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]56 # Prefix the list here with "+" to use these queries and those in the config file.
57 # queries: ./path/to/local/query, your-org/your-repo/queries@main
58
59 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
60 # If this step fails, then you should remove it and run the build manually (see below)
61 - name: Autobuild
Philip H8a83ffd2022-05-20 17:19:06 +0100[diff] [blame]62 uses: github/codeql-action/autobuild@v2
Bram Moolenaarfa79be62020-10-02 10:29:45 +0200[diff] [blame]63
64 # ℹī¸ Command-line programs to run using the OS shell.
65 # 📚 https://git.io/JvXDl
66
67 # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines
68 # and modify them (or add more) to build your code if your project
69 # uses a compiled language
70
71 #- run: |
72 # make bootstrap
73 # make release
74
75 - name: Perform CodeQL Analysis
Philip H8a83ffd2022-05-20 17:19:06 +0100[diff] [blame]76 uses: github/codeql-action/analyze@v2