FilesExpand file tree

 Master

/

codeql.yml

Copy path

View Runs

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

38 lines (33 loc) · 1.15 KB

 Master

/

codeql.yml

Copy path

Top

File metadata and controls

• Code
• Blame

38 lines (33 loc) · 1.15 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

name: CodeQL analysis

# **What it does**: This runs CodeQL on our repository.

# **Why we have it**: Security scanning.

# **Who does it impact**: Docs engineering.

on:

push:

branches:

- main

pull_request:

branches:

- main

paths:

- '**/*.js'

- '.github/workflows/codeql.yml'

permissions:

actions: read

contents: read

security-events: write

# This allows a subsequently queued workflow run to interrupt previous runs

concurrency:

group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'

cancel-in-progress: true

jobs:

build:

if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0

- uses: github/codeql-action/init@32dc499307d133bb5085bae78498c0ac2cf762d5

with:

languages: javascript # comma separated list of values from {go, python, javascript, java, cpp, csharp, ruby}

- uses: github/codeql-action/analyze@32dc499307d133bb5085bae78498c0ac2cf762d5

continue-on-error: true