svelte-diff-match-patch/.github/workflows/codeql.yml at main · humanspeak/svelte-diff-match-patch · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: CodeQL

permissions:
    security-events: write
    contents: read

on:
    push:
        branches: [main]
    pull_request:
        branches: [main]
        types: [opened, synchronize, reopened]
    schedule:
        - cron: 0 0 * * 0 # Run weekly

jobs:
    analyze:
        name: Analyze
        runs-on: blacksmith-2vcpu-ubuntu-2404 # trunk-ignore(actionlint/runner-label)
        if: github.event_name == 'push' || github.event_name == 'schedule' || github.event.pull_request.head.repo.full_name != github.repository

        steps:
            - uses: actions/checkout@v6 # zizmor: ignore[unpinned-uses]
              with:
                  persist-credentials: false
                  fetch-depth: 0

            - name: Initialize CodeQL
              uses: github/codeql-action/init@v3 # zizmor: ignore[unpinned-uses]
              with:
                  languages: javascript

            - name: Perform CodeQL Analysis
              uses: github/codeql-action/analyze@v3 # zizmor: ignore[unpinned-uses]