Bump actions/checkout from 3 to 4 #132
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CodeQL" | |
## Github workflow code scanning | |
# Configure this file to setup code scanning for the repository | |
# Code scanning uses Github actions minutes in private repos. To learn more: https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions | |
on: | |
push: | |
branches: [ "main" ] | |
## Filter based on files changed: ts and js only for Angular | |
# paths: [ "**.ts", "**.js" ] | |
pull_request: | |
branches: [ "main" ] | |
## Filter based on files changed: ts and js only for Angular | |
# paths: [ "**.ts", "**.js" ] | |
## Specify schedule cron if needed | |
# schedule: | |
# - cron: "0 0 1 * *" | |
jobs: | |
analyze: | |
name: Analyze | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ javascript ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: ${{ matrix.language }} | |
queries: +security-and-quality | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@v3 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
with: | |
category: "/language:${{ matrix.language }}" |