github.com/KEINOS/go-countline@v1.1.0/.github/workflows/codeQL-analysis.yaml

github.com/KEINOS/go-countline@v1.1.0/.github/workflows/codeQL-analysis.yaml (about)

     1  # Security vulnerability scanning using CodeQL, the semantic code analysis engine.
     2  # See:
     3  #   https://github.com/github/codeql-action
     4  #   https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-the-codeql-workflow-for-compiled-languages#go
     5  name: "CodeQL"
     6  
     7  on:
     8    workflow_dispatch:
     9    push:
    10    schedule:
    11      # Runs at 00:00 on Friday.
    12      # See: https://crontab.guru/
    13      - cron: '0 0 * * FRI'
    14  
    15  jobs:
    16    analyze:
    17      name: Analyze
    18      runs-on: ubuntu-latest
    19      permissions:
    20        security-events: write
    21  
    22      steps:
    23      - name: Checkout repository
    24        uses: actions/checkout@v3
    25  
    26      # Initializes the CodeQL tools for scanning.
    27      - name: Initialize CodeQL
    28        uses: github/codeql-action/init@v2
    29        with:
    30          languages: go
    31  
    32      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
    33      - name: Autobuild
    34        uses: github/codeql-action/autobuild@v2
    35  
    36      - name: Perform CodeQL Analysis
    37        uses: github/codeql-action/analyze@v2