• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# For most projects, this workflow file will not need changing; you simply need
2# to commit it to your repository.
3#
4# You may wish to alter this file to override the set of languages analyzed,
5# or to provide custom queries or build logic.
6name: "CodeQL"
7
8on:
9  push:
10    branches: [master]
11  pull_request:
12    # The branches below must be a subset of the branches above
13    branches: [master]
14  schedule:
15    - cron: '0 16 * * 3'
16
17jobs:
18  analyze:
19    name: Analyze
20    runs-on: ubuntu-latest
21
22    strategy:
23      fail-fast: false
24      matrix:
25        # Override automatic language detection by changing the below list
26        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
27        language: ['java']
28        # Learn more...
29        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
30
31    steps:
32    - name: Checkout repository
33      uses: actions/checkout@v2
34      with:
35        # We must fetch at least the immediate parents so that if this is
36        # a pull request then we can checkout the head.
37        fetch-depth: 2
38
39    # If this run was triggered by a pull request event, then checkout
40    # the head of the pull request instead of the merge commit.
41    - run: git checkout HEAD^2
42      if: ${{ github.event_name == 'pull_request' }}
43
44    # Initializes the CodeQL tools for scanning.
45    - name: Initialize CodeQL
46      uses: github/codeql-action/init@v1
47      with:
48        languages: ${{ matrix.language }}
49        # If you wish to specify custom queries, you can do so here or in a config file.
50        # By default, queries listed here will override any specified in a config file.
51        # Prefix the list here with "+" to use these queries and those in the config file.
52        # queries: ./path/to/local/query, your-org/your-repo/queries@main
53
54    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
55    # If this step fails, then you should remove it and run the build manually (see below)
56    - name: Autobuild
57      uses: github/codeql-action/autobuild@v1
58
59    # ℹ️ Command-line programs to run using the OS shell.
60    # �� https://git.io/JvXDl
61
62    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
63    #    and modify them (or add more) to build your code if your project
64    #    uses a compiled language
65
66    #- run: |
67    #   make bootstrap
68    #   make release
69
70    - name: Perform CodeQL Analysis
71      uses: github/codeql-action/analyze@v1
72