CodeQL #822

Summary
Jobs
- Analyze
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/codeql-analysis.yml at 51ef9c8

	# https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning
	name: "CodeQL"

	on:
	push:
	branches:
	- '**'
	tags-ignore:
	- '**'
	paths-ignore:
	- '*/.md'
	- '.github/workflows/build.yml'
	- '.github/workflows/update-python-deps.yml'
	pull_request:
	paths-ignore:
	- '*/.md'
	schedule:
	- cron: '10 10 * * 1'
	workflow_dispatch:
	# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/

	defaults:
	run:
	shell: bash

	env:
	PYTHON_VERSION: "3.11"

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	security-events: write

	steps:
	- name: Git Checkout
	uses: actions/checkout@v3 #https://github.com/actions/checkout

	- uses: actions/setup-python@v4
	with:
	python-version: "${{ env.PYTHON_VERSION }}"

	- name: Install python dependencies
	run: \|
	set -eux

	python --version

	python -m pip install --upgrade pip

	# pin packaging to 21.3 for now to prevent: packaging.specifiers.InvalidSpecifier: Invalid specifier: '>=3.4.*'
	# see https://github.com/pdm-project/pdm/issues/1556
	pip install --upgrade pdm packaging==21.3

	# don't install dependencies for now, as this makes CodeQL run forever
	# pdm install -v

	# Set the `CODEQL-PYTHON` environment variable to the Python executable
	# that includes the dependencies
	echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: python
	setup-python-dependencies: false

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2 # https://github.com/github/codeql-action

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CodeQL #822

Workflow file

CodeQL #822

Jobs

Run details

Workflow file for this run