Skip to content

for testing2

for testing2 #2

##############################################################################
##############################################################################
#
# NOTE!
#
# Please read the README.md file in this directory that defines what should
# be placed in this file
#
##############################################################################
##############################################################################
name: CodeQL codescan workflow
on:
pull_request:
branches:
- '**'
push:
branches:
- '**'
jobs:
CodeQL:
if: ${{ github.actor != 'dependabot[bot]' }}
name: Analyse Code With CodeQL
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
# strategy:
# fail-fast: false
# matrix:
# language: [ 'typescript' ]
# directory: [ 'src/components', 'src/utils', 'src/services' ] # List of directories to scan
steps:
- name: Checkout repository
uses: github/actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
debug: true
- name: CodeQL Analysis for Directory
run: |
echo "Scanning directory: ${{ matrix.directory }}"
codeql database create db-${{ matrix.directory }} --language=${{ matrix.language }} --source-root=${{ matrix.directory }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{ matrix.language }}-${{ matrix.directory }}"
output: results-${{ matrix.directory }}.sarif
- name: Upload SARIF to GitHub Security
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results-${{ matrix.directory }}.sarif