| name: "CodeQL" |
| |
| on: |
| push: |
| branches: |
| - main |
| - v4-dev |
| - "!dependabot/**" |
| pull_request: |
| branches: |
| - main |
| - v4-dev |
| - "!dependabot/**" |
| schedule: |
| - cron: "0 2 * * 4" |
| workflow_dispatch: |
| |
| jobs: |
| analyze: |
| name: Analyze |
| runs-on: ubuntu-latest |
| permissions: |
| security-events: write |
| |
| steps: |
| - name: Checkout repository |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 |
| with: |
| persist-credentials: false |
| |
| - name: Initialize CodeQL |
| uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 |
| with: |
| config-file: ./.github/codeql/codeql-config.yml |
| languages: "javascript" |
| queries: +security-and-quality |
| |
| - name: Autobuild |
| uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 |
| |
| - name: Perform CodeQL Analysis |
| uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 |
| with: |
| category: "/language:javascript" |
