name: "CodeQL" on: push: branches: [ 'dev' ] pull_request: # The branches below must be a subset of the branches above branches: [ 'dev' ] schedule: - cron: '58 7 * * 6' jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: [ 'csharp', 'javascript' ] steps: - name: Checkout repository uses: actions/checkout@v3 with: fetch-depth: 0 submodules: false # skip fetching webui, they are analyzed separately - uses: actions/setup-dotnet@v2 - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} queries: +security-extended,security-and-quality - name: Build CLI if: ${{ matrix.language == 'csharp' }} run: dotnet build BililiveRecorder.Cli/BililiveRecorder.Cli.csproj - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 with: category: "/language:${{matrix.language}}"