
  1. # This action runs GitHub's industry-leading static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities.
  2. # https://github.com/github/codeql-action
  3. name: "CodeQL"
  4. on:
  5. schedule:
  6. - cron: '0 0 1 * *' # Runs at 00:00 UTC on the 1st of every month
  7. jobs:
  8. analyze:
  9. name: Analyze
  10. runs-on: ubuntu-latest
  11. strategy:
  12. fail-fast: false
  13. matrix:
  14. language: ['python']
  15. # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
  16. # Learn more:
  17. # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
  18. steps:
  19. - name: Checkout repository
  20. uses: actions/checkout@v3
  21. # Initializes the CodeQL tools for scanning.
  22. - name: Initialize CodeQL
  23. uses: github/codeql-action/init@v2
  24. with:
  25. languages: ${{ matrix.language }}
  26. # If you wish to specify custom queries, you can do so here or in a config file.
  27. # By default, queries listed here will override any specified in a config file.
  28. # Prefix the list here with "+" to use these queries and those in the config file.
  29. # queries: ./path/to/local/query, your-org/your-repo/queries@main
  30. # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
  31. # If this step fails, then you should remove it and run the build manually (see below)
  32. - name: Autobuild
  33. uses: github/codeql-action/autobuild@v2
  34. # ℹ️ Command-line programs to run using the OS shell.
  35. # 📚 https://git.io/JvXDl
  36. # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
  37. # and modify them (or add more) to build your code if your project
  38. # uses a compiled language
  39. #- run: |
  40. # make bootstrap
  41. # make release
  42. - name: Perform CodeQL Analysis
  43. uses: github/codeql-action/analyze@v2