

test
aashna-narula-cko committed Feb 14, 2024
1 parent 8079856 commit 3418423
Showing 1 changed file with 15 additions and 31 deletions.
46 changes: 15 additions & 31 deletions .github/workflows/codeql-analysis.yml
Expand Up @@ -23,6 +23,10 @@ jobs:
analyze:
name: Analyze
runs-on: [ macos-latest ]
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
Expand All @@ -31,41 +35,21 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
submodules: recursive

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
queries: security-and-quality
debug: true

- name: Autobuild
run: swift build
- name: Build
run: |
xcodebuild -scheme CheckoutCardManagement -destination "platform=iOS Simulator,name=iPhone 14 Pro,OS=latest"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
upload: false # disable the upload here - we will upload in a different action
output: sarif-results

- name: filter-sarif
uses: advanced-security/filter-sarif@v1
with:
# filter out all test files unless they contain a sql-injection vulnerability
patterns: |
-**/*test*.js
+**/*test*.js:js/sql-injection
input: sarif-results/${{ matrix.language }}.sarif
output: sarif-results/${{ matrix.language }}.sarif

- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: sarif-results/${{ matrix.language }}.sarif

# optional: for debugging the uploaded sarif
- name: Upload loc as a Build Artifact
uses: actions/upload-artifact@v3
with:
name: sarif-results
path: sarif-results
retention-days: 1
uses: github/codeql-action/analyze@v3
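Review bot: `debug: true` on the Initialize CodeQL step appears to stay enabled on the new side, and in debug mode the CodeQL action uploads its debug artifacts (databases and logs) as workflow artifacts. The removed debugging upload was explicitly bounded with `retention-days: 1`, while nothing in the visible lines bounds how long these debug artifacts are kept, so they remain downloadable by anyone who can read the repository's workflow runs for the default retention period. If it was only needed for this test, drop the line; the action already switches to debug mode when a run is re-run with step debug logging enabled. Separately, `actions/checkout@v4`, `github/codeql-action/init@v3` and `github/codeql-action/analyze@v3` are mutable tags in a job that holds `security-events: write`; pinning each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>  # v4`, keeps the job from silently picking up a retagged release. The old/new side of each line is not marked on this page, so which of these lines the commit itself introduces is inferred.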
