Skip to content

CodeQL

CodeQL #20

name: "CodeQL"
on:
push:
branches: [develop, main]
paths-ignore:
- 'README.md'
- 'CODE_OF_CONDUCT.md'
- 'CONTRIBUTING.md'
- 'LICENSE'
- 'SECURITY.md'
- 'docs/**'
- '.github/**'
- '!.github/workflows/codeql-analysis.yml'
pull_request:
# The branches below must be a subset of the branches above
branches: [develop]
paths-ignore:
- 'README.md'
- 'CODE_OF_CONDUCT.md'
- 'CONTRIBUTING.md'
- 'LICENSE'
- 'SECURITY.md'
- 'docs/**'
- '.github/**'
- '!.github/workflows/codeql-analysis.yml'
schedule:
- cron: '0 16 * * 0'
# Keep in sync with build.yml and test.yml
env:
CI: true
node: 20
java: 21
jobs:
analyse:
name: Analyse
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Install Java 21
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '${{ env.node }}'
cache: 'npm'
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '${{ env.java }}'
cache: 'gradle'
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
# Override language selection by uncommenting this and choosing your languages
with:
languages: javascript, java
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- run: rm -rf build/resources/main/static
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3