Skip to content

Commit d0398ad

Browse files
UlisesGasconUlisesGascon
authored
chore: CodeQL (SAST) (#5855)
1 parent 06154e9 commit d0398ad

File tree

1 file changed

+62
-0
lines changed

1 file changed

+62
-0
lines changed

.github/workflows/codeql.yml

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
name: "CodeQL"
2+
3+
on:
4+
push:
5+
branches: ["main"]
6+
pull_request:
7+
branches: ["main"]
8+
schedule:
9+
- cron: "0 0 * * 1"
10+
11+
permissions:
12+
contents: read
13+
14+
jobs:
15+
analyze:
16+
name: Analyze
17+
runs-on: ubuntu-latest
18+
permissions:
19+
actions: read
20+
contents: read
21+
security-events: write
22+
23+
strategy:
24+
fail-fast: false
25+
matrix:
26+
language: ["javascript", "typescript"]
27+
# CodeQL supports [ $supported-codeql-languages ]
28+
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
29+
30+
steps:
31+
32+
- name: Checkout repository
33+
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
34+
35+
# Initializes the CodeQL tools for scanning.
36+
- name: Initialize CodeQL
37+
uses: github/codeql-action/init@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0
38+
with:
39+
languages: ${{ matrix.language }}
40+
# If you wish to specify custom queries, you can do so here or in a config file.
41+
# By default, queries listed here will override any specified in a config file.
42+
# Prefix the list here with "+" to use these queries and those in the config file.
43+
44+
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
45+
# If this step fails, then you should remove it and run the build manually (see below)
46+
- name: Autobuild
47+
uses: github/codeql-action/autobuild@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0
48+
49+
# ℹ️ Command-line programs to run using the OS shell.
50+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
51+
52+
# If the Autobuild fails above, remove it and uncomment the following three lines.
53+
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
54+
55+
# - run: |
56+
# echo "Run, Build Application using script"
57+
# ./location_of_script_within_repo/buildscript.sh
58+
59+
- name: Perform CodeQL Analysis
60+
uses: github/codeql-action/analyze@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.30.0
61+
with:
62+
category: "/language:${{matrix.language}}"

0 commit comments

Comments
 (0)