diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml new file mode 100644 index 0000000000..65aabb69a9 --- /dev/null +++ b/.github/codeql/codeql-config.yml @@ -0,0 +1,34 @@ +name: 'Azle CodeQL Configuration' + +disable-default-rules: false + +queries: + - uses: security-and-quality + +paths-ignore: + - node_modules + - dist + - target + - benchmarks.json + - docs + - logo + - the_azle_book + - examples/**/node_modules + - examples/**/dist + - examples/**/target + - '**/*.generated.ts' + - '**/*.generated.js' + +paths: + - src + - examples + +languages: + javascript: + # Include TypeScript files + queries: + - uses: security-and-quality + + rust: + queries: + - uses: security-and-quality diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000000..72bf4b1cfc --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,41 @@ +name: 'CodeQL' + +'on': + push: + branches: ['main'] + pull_request: + branches: ['main'] + schedule: + - cron: '15 5 * * 1' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ['javascript', 'rust'] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + config-file: ./.github/codeql/codeql-config.yml + + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: '/language:${{matrix.language}}' diff --git a/dist/canister_templates/stable.wasm b/dist/canister_templates/stable.wasm index 722d23f052..f1d1370317 100644 Binary files a/dist/canister_templates/stable.wasm and b/dist/canister_templates/stable.wasm differ