Skip to content

Bump github/codeql-action/init from 4.36.2 to 4.37.0 #2225

Bump github/codeql-action/init from 4.36.2 to 4.37.0

Bump github/codeql-action/init from 4.36.2 to 4.37.0 #2225

Workflow file for this run

name: CodeQL
on:
pull_request:
branches:
- main
paths-ignore:
- '**/*.md'
- '.github/workflows/markdown.yml'
- '.github/markdownlint.json'
- '.github/markdownlint.jsonc'
- '.github/workflows/nightly.yml'
- '.github/ISSUE_TEMPLATE/**'
push:
branches:
- main
paths-ignore:
- '**/*.md'
- '.github/workflows/markdown.yml'
- '.github/markdownlint.json'
- '.github/markdownlint.jsonc'
- '.github/workflows/nightly.yml'
- '.github/ISSUE_TEMPLATE/**'
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
checks: write
contents: read
security-events: write
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit
- name: Checkout
id: checkout
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: Initialize CodeQL
id: initialize
uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0
with:
queries: security-extended
languages: TypeScript
source-root: src
- name: Autobuild
id: autobuild
uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
- name: Perform CodeQL Analysis
id: analyze
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2