Merge pull request #744 from pinosu/667-static_checks

Add static checking for common bug patterns
CosmWasm · Feb 9, 2022 · f4afc18 · f4afc18
2 parents 639b530 + 45efcea
commit f4afc18
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/.github/workflows/codeql-analizer.yml b/.github/workflows/codeql-analizer.yml
@@ -0,0 +1,35 @@
+name: "Code Scanning - Action"
+
+on:
+ pull_request:
+ paths:
+ - "**.go"
+ push:
+ branches: [ master ]
+ paths:
+ - "**.go"
+
+jobs:
+ CodeQL-Build:
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2.3.5
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+ with:
+ languages: 'go'
+ queries: crypto-com/cosmos-sdk-codeql@main,security-and-quality
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v1
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v1