Skip to content
πŸ” CodeQL Security Analysis

#14 #17

Sign in to view logs

#14

#14 #17

Workflow file for this run

.github/workflows/codeql.yml at 8ce087d
name: πŸ” CodeQL Security Analysis
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 0 * * 1' # Every Monday at midnight
workflow_dispatch:
jobs:
analyze:
name: πŸ” Analyze ${{ matrix.language }}
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
packages: read
strategy:
fail-fast: false
matrix:
language: [ 'csharp', 'javascript' ]
steps:
- name: πŸ“₯ Checkout repository
uses: actions/checkout@v4
- name: πŸ”§ Setup .NET
if: matrix.language == 'csharp'
uses: actions/setup-dotnet@v4
with:
dotnet-version: '7.0.x'
- name: βš™οΈ Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
queries: security-extended,security-and-quality
- name: πŸ—οΈ Build C# Projects
if: matrix.language == 'csharp'
run: |
echo "πŸ“¦ Restoring dependencies..."
dotnet restore JsonViewer.Blazor.sln
echo "πŸ—οΈ Building Component..."
dotnet build src/Component/Component.csproj -c Release --no-restore
echo "πŸ—οΈ Building Demo..."
dotnet build src/Blazor.Demo/Blazor.Demo.csproj -c Release --no-restore
echo "βœ… Build completed"
- name: πŸ—οΈ Autobuild JavaScript
if: matrix.language == 'javascript'
uses: github/codeql-action/autobuild@v3
- name: πŸ” Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{ matrix.language }}"