1# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 2# 3# SPDX-License-Identifier: curl 4 5name: CodeQL 6 7'on': 8 push: 9 branches: 10 - master 11 - '*/ci' 12 paths-ignore: 13 - '**/*.md' 14 - '.circleci/**' 15 - 'appveyor.*' 16 - 'docs/**' 17 - 'packages/**' 18 - 'plan9/**' 19 - 'projects/**' 20 - 'tests/data/**' 21 - 'winbuild/**' 22 pull_request: 23 branches: 24 - master 25 paths-ignore: 26 - '**/*.md' 27 - '.circleci/**' 28 - 'appveyor.*' 29 - 'docs/**' 30 - 'packages/**' 31 - 'plan9/**' 32 - 'projects/**' 33 - 'tests/data/**' 34 - 'winbuild/**' 35 schedule: 36 - cron: '0 0 * * 4' 37 38concurrency: 39 group: ${{ github.workflow }} 40 41permissions: {} 42 43jobs: 44 codeql: 45 runs-on: ubuntu-latest 46 permissions: 47 security-events: write 48 steps: 49 - name: Checkout repository 50 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 51 52 # Initializes the CodeQL tools for scanning. 53 - name: Initialize CodeQL 54 uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3 55 with: 56 languages: cpp 57 queries: security-extended 58 59 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). 60 # If this step fails, then you should remove it and run the build manually (see below) 61 - name: Autobuild 62 uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3 63 64 # ℹ️ Command-line programs to run using the OS shell. 65 # https://git.io/JvXDl 66 67 # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines 68 # and modify them (or add more) to build your code if your project 69 # uses a compiled language 70 71 # - run: | 72 # make bootstrap 73 # make release 74 75 - name: Perform CodeQL Analysis 76 uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3 77