From de4457eac23d329ac6d1a2e0ae7ba00c7baea493 Mon Sep 17 00:00:00 2001 From: Andrew Eisenberg Date: Fri, 24 Jan 2025 13:06:32 -0800 Subject: [PATCH 1/2] Add actions analysis to code scannign Create a new job to run actions since we don't need to matrix the runs across multiple OSes. --- .github/workflows/codeql.yml | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 130ef58839..ad5b502f68 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -70,7 +70,7 @@ jobs: echo "Suggested matrix config for analysis job: $VERSIONS_JSON" echo "versions=${VERSIONS_JSON}" >> $GITHUB_OUTPUT - build: + analyze-javascript: needs: [check-codeql-versions] strategy: fail-fast: false @@ -81,7 +81,7 @@ jobs: permissions: contents: read - security-events: write # needed to upload results + security-events: write steps: - name: Checkout @@ -100,3 +100,27 @@ jobs: uses: ./analyze with: category: "/language:javascript" + + + analyze-actions: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + + permissions: + contents: read + security-events: write + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Initialize CodeQL + uses: ./init + with: + languages: actions + config-file: ./.github/codeql/codeql-config.yml + - name: Perform CodeQL Analysis + uses: ./analyze + with: + category: "/language:actions" From 50954e7f006013661fd40f27dc2cc84ed9af3134 Mon Sep 17 00:00:00 2001 From: Andrew Eisenberg Date: Wed, 29 Jan 2025 12:25:34 -0800 Subject: [PATCH 2/2] Use a separate config file for actions queries --- .github/codeql/codeql-actions-config.yml | 4 ++++ .github/workflows/codeql.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 .github/codeql/codeql-actions-config.yml diff --git a/.github/codeql/codeql-actions-config.yml b/.github/codeql/codeql-actions-config.yml new file mode 100644 index 0000000000..7f3b3f3a84 --- /dev/null +++ b/.github/codeql/codeql-actions-config.yml @@ -0,0 +1,4 @@ +# Configuration for the CodeQL Actions Queries +name: "CodeQL Actions Queries config" +queries: + - uses: security-and-quality diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ad5b502f68..a51a6b870e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -119,7 +119,7 @@ jobs: uses: ./init with: languages: actions - config-file: ./.github/codeql/codeql-config.yml + config-file: ./.github/codeql/codeql-actions-config.yml - name: Perform CodeQL Analysis uses: ./analyze with: pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy