mirror of
https://github.com/curl/curl.git
synced 2026-04-12 00:11:42 +08:00
62 lines
1.3 KiB
YAML
62 lines
1.3 KiB
YAML
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
|
|
name: 'CodeQL'
|
|
|
|
'on':
|
|
push:
|
|
branches:
|
|
- master
|
|
- '*/ci'
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'docs/**'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
- 'winbuild/**'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'docs/**'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
- 'winbuild/**'
|
|
schedule:
|
|
- cron: '0 0 * * 4'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
codeql:
|
|
name: 'GHA and Python'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
security-events: write
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'initialize'
|
|
uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3
|
|
with:
|
|
languages: actions, python
|
|
queries: security-extended
|
|
|
|
- name: 'perform analysis'
|
|
uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3
|