A first-of-its-kind repository of custom queries to scan your codebase and detect environmental sustainability problems, notably energy-related issues.
To run these custom green queries directly on your repository, copy this code into a GitHub Action (Java code analysis in the example below):
name: "Green CodeQL Analysis"
env:
TARGET_LANGUAGE: "java"
on:
workflow_dispatch:
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ env.TARGET_LANGUAGE }}
build-mode: none
packs: green-code-initiative/${{ env.TARGET_LANGUAGE }}-queries
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "Sustainability"Note
For lack of a better option, sustainability issues are reported just as vulnerabilities in 🛡️ Security → Code scanning
6 Green CodeQL packs are currently available:
-
Java/Kotlin :
-
Python:
-
C/C++ :
-
Javascript/TypeScript :
-
Actions/YAML :
-
C# :
