CodeQL

codeql

This action runs GitHub’s CodeQL analysis (https://codeql.github.com/) on the language given as input. It can be used in a matrix-strategy job to run CodeQL on multiple languages at once. An example template is included in this directory.

Templates

name: CodeQL
# Run CodeQL analysis on the repository (a workflow file has no top-level `description` key)

on:
  push:
    branches: [main]  # Or the default branch for the repository
  pull_request:
    types: [opened, synchronize, reopened]
  schedule:
    # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
    # Weekly scan (Mondays 06:00 UTC); adjust as needed. GitHub's shortest allowed interval is every 5 minutes.
    - cron: '0 6 * * 1'

jobs:
  codeql:
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: [python, javascript]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support
    steps:
      - name: Run CodeQL action with language ${{ matrix.language }}
        uses: GenapsysInc/internal-actions/reusable-actions/codeql@main
        with:
          language: ${{ matrix.language }}
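The template above calls a reusable `codeql` action whose contents are not shown on this page. As an added illustration (not GenapsysInc's own action), here is what a composite action taking that single `language` input could look like, built on GitHub's published `github/codeql-action` steps. The `@v3`/`@v4` pins, the `security-extended` query choice, the checkout step and the `category` value are assumptions; the calling template does no checkout of its own, so this wrapper does it.

```yaml
# action.yml of the wrapper (added example; hypothetical, not the project's own code)
name: CodeQL
description: Check out the repository, initialise CodeQL for one language, build, analyse and upload results
inputs:
  language:
    description: CodeQL language to analyse (e.g. python, javascript)
    required: true
runs:
  using: composite
  steps:
    # Assumption: the caller does not check out the source, so the wrapper does it
    - name: Check out source
      uses: actions/checkout@v4

    - name: Initialise CodeQL for ${{ inputs.language }}
      uses: github/codeql-action/init@v3
      with:
        languages: ${{ inputs.language }}
        # Assumption: the broader security-extended pack is wanted; remove to use the default query set
        queries: security-extended

    # Autobuild is a no-op for interpreted languages such as python and javascript;
    # compiled languages (cpp, csharp, java, go) need either this step or an explicit build
    - name: Autobuild
      uses: github/codeql-action/autobuild@v3

    - name: Analyse and upload SARIF
      uses: github/codeql-action/analyze@v3
      with:
        # One category per matrix leg so each language's upload is kept as a separate analysis
        category: "/language:${{ inputs.language }}"
```

The `category` line is the part that matters in a matrix: every language job uploads its own SARIF for the same commit, and without a distinct category code scanning treats later uploads as replacements for earlier ones rather than as separate analyses.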