CodeQL #99

Workflow file for this run

	name: "CodeQL"

	on:
	push:
	branches: [main]

	pull_request:
	branches: [main]

	schedule:
	- cron: '31 6 * * 1'

	# See https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
	permissions: # added using https://github.com/step-security/secure-workflows
	contents: read

	jobs:
	codeql-analyze:
	name: CodeQL Analyze
	runs-on: ubuntu-latest

	permissions:
	security-events: write
	actions: read

	strategy:
	fail-fast: false
	matrix:
	language: [ 'go', 'python' ]
	# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
	with:
	egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

	- name: Checkout repository
	uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@b2a92eb56d8cb930006a1c6ed86b0782dd8a4297
	with:
	languages: ${{ matrix.language }}
	# If you wish to specify custom queries, you can do so here or in a config file.
	# By default, queries listed here will override any specified in a config file.
	# Prefix the list here with "+" to use these queries and those in the config file.
	# queries: ./path/to/local/query, your-org/your-repo/queries@main

	- name: Autobuild
	uses: github/codeql-action/autobuild@b2a92eb56d8cb930006a1c6ed86b0782dd8a4297

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@b2a92eb56d8cb930006a1c6ed86b0782dd8a4297

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CodeQL #99

Workflow file

CodeQL #99

Jobs

Run details

Workflow file for this run