| May | JUN | Jul |
| 20 | ||
| 2019 | 2020 | 2021 |
COLLECTED BY
Collection: github.com
Use bundle URL version as the cache version
| Type | Name | Latest commit message | Commit time |
|---|---|---|---|
| Failed to load latest commit information. | |||
|
.github |
|
|
|
|
.vscode |
|
|
|
|
analyze |
|
|
|
|
autobuild |
|
|
|
|
init |
|
|
|
|
lib |
|
|
|
|
node_modules |
|
|
|
|
queries |
|
|
|
|
src |
|
|
|
|
tests/multi-language-repo |
|
|
|
|
upload-sarif |
|
|
|
|
.gitattributes |
|
|
|
|
CODE_OF_CONDUCT.md |
|
|
|
|
CONTRIBUTING.md |
|
|
|
|
LICENSE |
|
|
|
|
README.md |
|
|
|
|
package-lock.json |
|
|
|
|
package.json |
|
|
|
|
tsconfig.json |
|
|
|
|
tslint.json |
|
|
name: "Code Scanning - Action" on: push: pull_request: schedule: - cron: '0 0 * * 0' jobs: CodeQL-Build: strategy: fail-fast: false # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v2 with: # Must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head of the pull request. # Only include this option if you are running this workflow on pull requests. fetch-depth: 2 # If this run was triggered by a pull request event then checkout # the head of the pull request instead of the merge commit. # Only include this step if you are running this workflow on pull requests. - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v1 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild uses: github/codeql-action/autobuild@v1 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl # ✏️ If the Autobuild fails above, remove it and uncomment the following # three lines and modify them (or add more) to build your code if your # project uses a compiled language #- run: | # make bootstrap # make release - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1If you prefer to integrate this within an existing CI workflow, it should end up looking something like this:
- name: Initialize CodeQL uses: github/codeql-action/init@v1 with: languages: go, javascript # Here is where you build your code - run: | make bootstrap make release - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1
config-file parameter of the init action to enable the configuration file. The value of config-file is the path to the configuration file you want to use. This example loads the configuration file ./.github/codeql/codeql-config.yml.
- uses: github/codeql-action/init@v1 with: config-file: ./.github/codeql/codeql-config.ymlThe configuration file must be located within the local repository. For information on how to write a configuration file, see "Using a custom configuration."