| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 |
- name: "CodeQL Advanced"
- on:
- push:
- branches:
- - main
- tags-ignore:
- - "v*"
- paths:
- - "**.go"
- - "go.mod"
- - "go.sum"
- - "**.js"
- - "**.mjs"
- - "**.cjs"
- - "**.ts"
- - "**.vue"
- - "frontend/package-lock.json"
- pull_request:
- paths:
- - "**.go"
- - "go.mod"
- - "go.sum"
- - "**.js"
- - "**.mjs"
- - "**.cjs"
- - "**.ts"
- - "**.vue"
- - "frontend/package-lock.json"
- schedule:
- - cron: "18 2 * * 2"
- jobs:
- analyze:
- name: Analyze (${{ matrix.language }})
- runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
- env:
- CODEQL_ACTION_FILE_COVERAGE_ON_PRS: true
- permissions:
- security-events: write
- packages: read
- actions: read
- contents: read
- strategy:
- fail-fast: false
- matrix:
- include:
- - language: actions
- build-mode: none
- - language: go
- build-mode: autobuild
- - language: javascript-typescript
- build-mode: none
- steps:
- - name: Checkout repository
- uses: actions/checkout@v6
- - name: Setup Node.js
- if: matrix.language == 'go'
- uses: actions/setup-node@v6
- with:
- node-version: '22'
- cache: 'npm'
- cache-dependency-path: frontend/package-lock.json
- - name: Build frontend bundle
- if: matrix.language == 'go'
- run: |
- npm ci
- npm run build
- working-directory: frontend
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v4
- with:
- languages: ${{ matrix.language }}
- build-mode: ${{ matrix.build-mode }}
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v4
- with:
- category: "/language:${{matrix.language}}"
|
