]> git.sesse.net Git - stockfish/blob - .github/workflows/codeql.yml
054be90040c22594770afcb6741163787e9e53ca
[stockfish] / .github / workflows / codeql.yml
1 name: "CodeQL"
2
3 on:
4   push:
5     branches: [ 'master' ]
6   pull_request:
7     # The branches below must be a subset of the branches above
8     branches: [ 'master' ]
9   schedule:
10     - cron: '17 18 * * 1'
11
12 jobs:
13   analyze:
14     name: Analyze
15     runs-on: ubuntu-latest
16     permissions:
17       actions: read
18       contents: read
19       security-events: write
20
21     strategy:
22       fail-fast: false
23       matrix:
24         language: [ 'cpp' ]
25         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
26         # Use only 'java' to analyze code written in Java, Kotlin or both
27         # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
28         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
29
30     steps:
31     - name: Checkout repository
32       uses: actions/checkout@v4
33
34     # Initializes the CodeQL tools for scanning.
35     - name: Initialize CodeQL
36       uses: github/codeql-action/init@v2
37       with:
38         languages: ${{ matrix.language }}
39         # If you wish to specify custom queries, you can do so here or in a config file.
40         # By default, queries listed here will override any specified in a config file.
41         # Prefix the list here with "+" to use these queries and those in the config file.
42
43         # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
44         # queries: security-extended,security-and-quality
45
46     - name: Build
47       working-directory: src
48       run: make -j build ARCH=x86-64-modern
49
50     - name: Perform CodeQL Analysis
51       uses: github/codeql-action/analyze@v2
52       with:
53         category: "/language:${{matrix.language}}"