@@ -2,9 +2,9 @@ name: "CodeQL"
22
33on :
44 push :
5- branches : [ "main" ]
5+ branches : ["main"]
66 pull_request :
7- branches : [ "main" ]
7+ branches : ["main"]
88 schedule :
99 - cron : ' 36 12 * * 3'
1010
@@ -20,29 +20,22 @@ jobs:
2020 strategy :
2121 fail-fast : false
2222 matrix :
23- language : [ 'javascript', 'python', 'rust' ]
24- # Rust is excluded from this explicit workflow to avoid build failures if deps are missing.
25- # The ignore-paths config in codeql-config.yml will handle the rust files if/when rust is added.
26- # If the user's default setup scans Rust, this workflow might replace it or run alongside.
27- # Ideally we replace strict default setup.
28- # Adding 'rust' tentatively? No, safer to stick to interpreted first or ask user.
29- # BUT the alerts ARE about Rust. If I don't scan Rust here, I might not close the alerts?
30- # Let's try adding Rust but use 'autobuild'.
23+ language : ['javascript', 'python', 'rust']
3124
3225 steps :
33- - name : Checkout repository
34- uses : actions/checkout@v4
26+ - name : Checkout repository
27+ uses : actions/checkout@v4
3528
36- - name : Initialize CodeQL
37- uses : github/codeql-action/init@v3
38- with :
39- languages : ${{ matrix.language }}
40- config-file : ./.github/codeql/codeql-config.yml
29+ - name : Initialize CodeQL
30+ uses : github/codeql-action/init@v3
31+ with :
32+ languages : ${{ matrix.language }}
33+ config-file : ./.github/codeql/codeql-config.yml
4134
42- - name : Autobuild
43- uses : github/codeql-action/autobuild@v3
35+ - name : Autobuild
36+ uses : github/codeql-action/autobuild@v3
4437
45- - name : Perform CodeQL Analysis
46- uses : github/codeql-action/analyze@v3
47- with :
48- category : " /language:${{matrix.language}}"
38+ - name : Perform CodeQL Analysis
39+ uses : github/codeql-action/analyze@v3
40+ with :
41+ category : " /language:${{matrix.language}}"
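Review bot: The `actions/checkout@v4` step and the three `github/codeql-action/*@v3` steps on the re-indented lines are referenced by mutable major-version tags, so the code that runs with this job's token can change without any change to this file. Pinning each one to a full commit SHA, with the tag kept as a trailing comment, makes an upgrade an explicit, reviewable diff, for example `uses: actions/checkout@<full-commit-sha>  # v4` (placeholder, not a real hash). The commit also deletes the only comments explaining why `rust` is in the matrix while keeping it there; going by the removed text, a one-line replacement such as `# rust is scanned because the open alerts are in Rust sources; relies on autobuild` would preserve the rationale. The job header and any `permissions:` block lie outside this hunk, so it cannot be confirmed from here that the token is limited to what the analysis needs (typically `security-events: write` plus read access).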