1+ name : " CodeQL"
2+ on :
3+ push :
4+ branches : ["main"]
5+ pull_request :
6+ branches : ["main"]
7+ schedule :
8+ - cron : " 0 0 * * 1"
9+ permissions :
10+ contents : read
11+ jobs :
12+ analyze :
13+ name : Analyze
14+ runs-on : ubuntu-latest
15+ permissions :
16+ actions : read
17+ contents : read
18+ security-events : write
19+ strategy :
20+ fail-fast : false
21+ matrix :
22+ language : ["javascript"]
23+ steps :
24+ - name : Checkout repository
25+ uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
26+ # Initializes the CodeQL tools for scanning.
27+ - name : Initialize CodeQL
28+ uses : github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
29+ with :
30+ languages : ${{ matrix.language }}
31+ # If you wish to specify custom queries, you can do so here or in a config file.
32+ # By default, queries listed here will override any specified in a config file.
33+ # Prefix the list here with "+" to use these queries and those in the config file.
34+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
35+ # If this step fails, then you should remove it and run the build manually (see below)
36+ - name : Autobuild
37+ uses : github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
38+ # ℹ️ Command-line programs to run using the OS shell.
39+ # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
40+ # If the Autobuild fails above, remove it and uncomment the following three lines.
41+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
42+ # - run: |
43+ # echo "Run, Build Application using script"
44+ # ./location_of_script_within_repo/buildscript.sh
45+ - name : Perform CodeQL Analysis
46+ uses : github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
47+ with :
48+ category : " /language:${{matrix.language}}"
0 commit comments