From f64ba41432246ffe659202b15bb037430f1cdd3b Mon Sep 17 00:00:00 2001 From: Ethan Dye Date: Tue, 17 Sep 2024 21:15:02 -0600 Subject: [PATCH] Create codeql-adv.yml Signed-off-by: Ethan Dye --- .github/workflows/codeql-adv.yml | 48 ++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/codeql-adv.yml diff --git a/.github/workflows/codeql-adv.yml b/.github/workflows/codeql-adv.yml new file mode 100644 index 0000000..aa67691 --- /dev/null +++ b/.github/workflows/codeql-adv.yml @@ -0,0 +1,48 @@ +name: "CodeQL Advanced" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '19 12 * * 6' + +jobs: + analyze: + name: Analyze with CodeQL + runs-on: macos-latest + permissions: + security-events: write + packages: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: swift + build-mode: manual + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + - name: Build with Xcode + uses: mxcl/xcodebuild@v3 + with: + xcode: 16.0 + platform: macOS + arch: arm64 + action: build + scheme: macSup2Srt + configuration: release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:swift"