Skip to content

Commit cd33ea8

Browse files
ci: add explicit CodeQL configuration for javascript-typescript
1 parent 7b00fa4 commit cd33ea8

1 file changed

Lines changed: 44 additions & 0 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
name: "CodeQL Analysis"
2+
3+
on:
4+
push:
5+
branches: [ "main" ]
6+
pull_request:
7+
branches: [ "main" ]
8+
schedule:
9+
- cron: '30 1 * * 5' # Toda sexta-feira à 1:30 AM
10+
11+
jobs:
12+
analyze:
13+
name: Analyze
14+
runs-on: "ubuntu-latest"
15+
permissions:
16+
actions: read
17+
contents: read
18+
security-events: write
19+
20+
strategy:
21+
fail-fast: false
22+
matrix:
23+
language: [ 'javascript-typescript' ] # Analisa tanto JS quanto TS
24+
25+
steps:
26+
- name: Checkout repository
27+
uses: actions/checkout@v4
28+
29+
# Inicializa o CodeQL com as linguagens corretas
30+
- name: Initialize CodeQL
31+
uses: github/codeql-action/init@v3
32+
with:
33+
languages: ${{ matrix.language }}
34+
# Adicione queries personalizadas aqui se necessário
35+
# queries: security-extended,security-and-quality
36+
37+
# Como o Next.js não precisa de build complexo para análise, usamos o autobuild
38+
- name: Autobuild
39+
uses: github/codeql-action/autobuild@v3
40+
41+
- name: Perform CodeQL Analysis
42+
uses: github/codeql-action/analyze@v3
43+
with:
44+
category: "/language:${{matrix.language}}"

0 commit comments

Comments
 (0)