zulip/.github/workflows/codeql-analysis.yml

name: "Code scanning"

on: [push, pull_request]

jobs:
  CodeQL:
    runs-on: ubuntu-latest

    steps:
      - name: Check out repository
        uses: actions/checkout@v2

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v1

        # Override language selection by uncommenting this and choosing your languages
        # with:
        #   languages: go, javascript, csharp, python, cpp, java

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v1
docs: Fix more capitalization issues. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-23 02:43:28 +02:00			`name: "Code scanning"`
github: Enable new codeql-analysis feature. This file was generated by GitHub's code analysis tutorial; we were just approved from their waitlist. I deleted the part to run compilers as it is not relevant for us. 2020-06-25 20:29:26 +02:00
github-actions: Don't run code scanning workflow every week. Since we already run this on every push we don't need to run it as a cron job every week for no reason. While we are touching this code block, we convert it to on: [push, pull_request] since the previous format felt weird. It was only written that way because we had the cron job declared there. 2020-07-08 01:37:07 +02:00			`on: [push, pull_request]`
github: Enable new codeql-analysis feature. This file was generated by GitHub's code analysis tutorial; we were just approved from their waitlist. I deleted the part to run compilers as it is not relevant for us. 2020-06-25 20:29:26 +02:00
			`jobs:`
minor: Rename codeql workflow names. This makes it so the GitHub displays the runs as "Code Scanning / CodeQL" instead of "Code scanning - actions / CodeQL-Build". 2020-07-07 20:07:13 +02:00			`CodeQL:`
github: Enable new codeql-analysis feature. This file was generated by GitHub's code analysis tutorial; we were just approved from their waitlist. I deleted the part to run compilers as it is not relevant for us. 2020-06-25 20:29:26 +02:00			`runs-on: ubuntu-latest`

			`steps:`
docs: Add spaces to “check out”, “log in”, “set up”, “sign up” as verbs. “Checkout”, “login”, “setup”, and “signup” are nouns, not verbs. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-10-13 23:50:18 +02:00			`- name: Check out repository`
lint: Reformat YAML files with Prettier. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-01 21:19:49 +02:00			`uses: actions/checkout@v2`
github: Enable new codeql-analysis feature. This file was generated by GitHub's code analysis tutorial; we were just approved from their waitlist. I deleted the part to run compilers as it is not relevant for us. 2020-06-25 20:29:26 +02:00
lint: Reformat YAML files with Prettier. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-01 21:19:49 +02:00			`# Initializes the CodeQL tools for scanning.`
			`- name: Initialize CodeQL`
			`uses: github/codeql-action/init@v1`
github: Enable new codeql-analysis feature. This file was generated by GitHub's code analysis tutorial; we were just approved from their waitlist. I deleted the part to run compilers as it is not relevant for us. 2020-06-25 20:29:26 +02:00
lint: Reformat YAML files with Prettier. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-01 21:19:49 +02:00			`# Override language selection by uncommenting this and choosing your languages`
			`# with:`
			`# languages: go, javascript, csharp, python, cpp, java`
ci: Run CodeQL on merge commit. As per https://github.com/github/codeql-action/pull/297. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-08-03 21:38:25 +02:00
lint: Reformat YAML files with Prettier. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-07-01 21:19:49 +02:00			`- name: Perform CodeQL Analysis`
			`uses: github/codeql-action/analyze@v1`