From 73197e66c6829e6c1c7ae5b9ae0d065014a4e589 Mon Sep 17 00:00:00 2001 From: MrDave1999 Date: Wed, 15 Jan 2025 10:49:11 -0500 Subject: [PATCH 1/5] chore: configure CodeQL for static code analysis --- .github/workflows/codeql-analysis.yml | 39 +++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..a493730 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,39 @@ +name: "CodeQL" + +on: + push: + branches: [dev] + paths: + - '**.cs' + - '**.csproj' + pull_request: + branches: [dev] + paths: + - '**.cs' + - '**.csproj' + schedule: + - cron: '0 8 * * 4' + +jobs: + analyze: + name: analyze + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + language: ['csharp'] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 \ No newline at end of file From bda7c03aa99bfeb3869f77972268268d8178310e Mon Sep 17 00:00:00 2001 From: MrDave1999 Date: Wed, 15 Jan 2025 10:52:33 -0500 Subject: [PATCH 2/5] Update --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a493730..cf32142 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,4 +1,4 @@ -name: "CodeQL" +name: CodeQL on: push: From df903c0a122f9e98a4aaea9018978f00d47f3e51 Mon Sep 17 00:00:00 2001 From: MrDave1999 Date: Wed, 15 Jan 2025 10:57:17 -0500 Subject: [PATCH 3/5] Update --- .github/workflows/codeql-analysis.yml | 3 --- 1 file changed, 3 deletions(-) 
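Review bot: The workflow added in PATCH 1/5 has no `permissions:` block, so the `analyze` job inherits whatever default GITHUB_TOKEN scope the repository or organisation has configured. That scope may be broader than a scanning job needs, or, where the default is read-only, too narrow for `github/codeql-action/analyze` to upload its results. I would add a job-level `permissions:` mapping under `analyze` with `security-events: write` and `contents: read` (GitHub's starter workflow also lists `actions: read` for private repositories). Separately, `actions/checkout@v4` and the three `github/codeql-action/*` steps reference mutable tags. Pinning each `uses:` to a full commit SHA, with the tag kept in a trailing comment, stops a moved tag from silently changing what runs with that token.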
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index cf32142..d4ab03a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -8,9 +8,6 @@ on: - '**.csproj' pull_request: branches: [dev] - paths: - - '**.cs' - - '**.csproj' schedule: - cron: '0 8 * * 4' From fcdb79c5c3e39819024efbd1569bc43dd7b2e158 Mon Sep 17 00:00:00 2001 From: MrDave1999 Date: Wed, 15 Jan 2025 11:06:35 -0500 Subject: [PATCH 4/5] Update --- .github/workflows/codeql-analysis.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d4ab03a..2f129a5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -8,6 +8,9 @@ on: - '**.csproj' pull_request: branches: [dev] + paths: + - '**.cs' + - '**.csproj' schedule: - cron: '0 8 * * 4' @@ -30,7 +33,7 @@ jobs: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 \ No newline at end of file + uses: github/codeql-action/analyze@v3 \ No newline at end of file From 6b2b416ba68d358be2e314bfcc805d6d73b04582 Mon Sep 17 00:00:00 2001 From: MrDave1999 Date: Wed, 15 Jan 2025 11:06:51 -0500 Subject: [PATCH 5/5] Update --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2f129a5..10ca3f5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }}
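Review bot: The `paths:` filter restored under `pull_request` in the first hunk of PATCH 4/5 means a pull request that touches no `**.cs` or `**.csproj` file starts no analysis at all, including one that edits this workflow file or other build configuration. If CodeQL is later made a required status check, such a skipped run leaves the check pending rather than passing. The same filter appears to sit on `push` (the `- '**.csproj'` context line at the top of the hunk). GitHub's code scanning documentation advises against `paths`/`paths-ignore` on `on: push`, because pull-request results are compared with the base branch's analysis of the previous commit, and a skipped push leaves that baseline stale. I would drop `paths:` from `push`. On `pull_request`, either drop it as well or keep it with a comment such as `# PRs that change no .cs/.csproj files are intentionally not scanned`.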