-
Notifications
You must be signed in to change notification settings - Fork 1
37 lines (32 loc) · 935 Bytes
/
codeql.yml
File metadata and controls
37 lines (32 loc) · 935 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
---
# SPDX-License-Identifier: Apache-2.0
# SPDX-FileCopyrightText: 2025 The Linux Foundation
name: 'CodeQL'
# yamllint disable-line rule:truthy
on:
workflow_dispatch:
push:
branches: ['main', 'master']
paths-ignore:
- '.github/**'
- 'docs/**'
schedule:
- cron: '40 4 * * 0'
concurrency:
group: ${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
permissions: {}
jobs:
scan:
name: 'Audit Repository'
# yamllint disable-line rule:line-length
uses: lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml@37bbdea5cca2f21e502f7ff580306c78307d1d41 # v0.3.1
with:
codeql_config: .github/codeql/codeql-config.yml
permissions:
security-events: write
# required to fetch internal or private CodeQL packs
packages: read
# only required for workflows in private repositories
actions: read
contents: read