Skip to content

open-reading-frame/codeql-action

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 
repo-data.json
repo-data.json
 
 
template.yml
template.yml
 
 

Repository files navigation

codeql-action

This action runs GitHub's CodeQL analysis (https://codeql.github.com/) on the provided input language. It can be used in a matrix-strategy job to perform CodeQL on multiple language at once. This action essentially abstracts the example CodeQL workflow into a composite action to simplify workflows running CodeQL. This action should only be used for relatively straightforward builds.

Example

name: CodeQL
description: Run CodeQL Analysis on the repository

on:
  push:
    branches: [main]  # Or the default branch for the repository
  pull_request:
    types: [opened, synchronize, reopened]
  schedule:
    # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule
    - cron: '* * * * *'

jobs:
  codeql:
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: [python, javascript]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support
    steps:
      - name: Run CodeQL action with language ${{ matrix.language }}
        uses: open-reading-frame/codeql-action@main
        with:
          language: ${{ matrix.language }}

About

Run codeql

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published