1name: "CodeQL" 2 3on: 4 push: 5 branches: [main] 6 pull_request: 7 # The branches below must be a subset of the branches above 8 branches: [master] 9 schedule: 10 - cron: '0 15 * * 5' 11 12jobs: 13 analyze: 14 name: Analyze 15 runs-on: ubuntu-latest 16 17 strategy: 18 fail-fast: false 19 matrix: 20 # Override automatic language detection by changing the below list 21 # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] 22 language: ['cpp'] 23 # Learn more... 24 # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection 25 26 steps: 27 - name: Checkout repository 28 uses: actions/checkout@v3 29 with: 30 # We must fetch at least the immediate parents so that if this is 31 # a pull request then we can checkout the head. 32 fetch-depth: 2 33 34 # If this run was triggered by a pull request event, then checkout 35 # the head of the pull request instead of the merge commit. 36 #- run: git checkout HEAD^2 37 # if: ${{ github.event_name == 'pull_request' }} 38 39 # Initializes the CodeQL tools for scanning. 40 - name: Initialize CodeQL 41 uses: github/codeql-action/init@v1 42 with: 43 languages: ${{ matrix.language }} 44 45 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). 46 # If this step fails, then you should remove it and run the build manually (see below) 47 #- name: Autobuild 48 # uses: github/codeql-action/autobuild@v1 49 50 # ℹ️ Command-line programs to run using the OS shell. 51 # �� https://git.io/JvXDl 52 53 # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines 54 # and modify them (or add more) to build your code if your project 55 # uses a compiled language 56 57 - run: | 58 cmake -B build -D ELFIO_BUILD_EXAMPLES=ON 59 cmake --build build 60 61 - name: Perform CodeQL Analysis 62 uses: github/codeql-action/analyze@v1 63