Skip to content
CodeQL Code Analysis

deps: Bump actions/checkout from 6.0.3 to 7.0.0 (#222) #446

Sign in to view logs

deps: Bump actions/checkout from 6.0.3 to 7.0.0 (#222)

deps: Bump actions/checkout from 6.0.3 to 7.0.0 (#222) #446

Workflow file for this run

.github/workflows/codeql.yml at 0f122c5
name: CodeQL Code Analysis
on:
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: '21 18 * * 5'
permissions:
contents: read
jobs:
analyze-actions:
name: Analyze (actions)
runs-on: ubuntu-24.04
permissions:
security-events: write
steps:
- name: Check out source code
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: actions
build-mode: none
queries: security-extended
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
category: "/language:actions"
analyze-java:
name: Analyze (java-kotlin)
runs-on: ubuntu-24.04
permissions:
security-events: write
steps:
- name: Check out source code
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false
- name: Set up Java
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
with:
java-version: 21
distribution: temurin
- name: Setup Gradle
uses: gradle/actions/setup-gradle@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0
- name: Initialize CodeQL
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
languages: java-kotlin
build-mode: manual
queries: security-extended
- name: Build
run: ./gradlew assemble --no-build-cache
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
with:
category: "/language:java-kotlin"