Bump SonarSource/sonarqube-scan-action from 5ffbad44543237d1b339a5ed57a774432e19f3e4 to ba6563cca79df854af1350ec3dc5881313ec2d3c #1372
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: "CodeQL" | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: ["main"] | |
| workflow_dispatch: | |
| schedule: | |
| # ┌───────────── minute (0 - 59) | |
| # │ ┌───────────── hour (0 - 23) | |
| # │ │ ┌───────────── day of the month (1 - 31) | |
| # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) | |
| # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) | |
| # │ │ │ │ │ | |
| # │ │ │ │ │ | |
| # │ │ │ │ │ | |
| # * * * * * | |
| - cron: "52 12 * * 1" | |
| jobs: | |
| analyze: | |
| name: Analyze | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| language: [python] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5 | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| queries: +security-and-quality | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: "/language:${{ matrix.language }}" |