Update codeql.yml (#627) #7

Workflow file for this run

	# For most projects, this workflow file will not need changing; you simply need
	# to commit it to your repository.
	#
	# You may wish to alter this file to override the set of languages analyzed,
	# or to provide custom queries or build logic.
	#
	# ****** NOTE ******
	# We have attempted to detect the languages in your repository. Please check
	# the `language` matrix defined below to confirm you have the correct set of
	# supported CodeQL languages.
	#
	name: "CodeQL Advanced"

	on:
	push:
	branches: [ "main", release/stable ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '21 0 * * 6'

	jobs:
	analyze:
	name: Analyze
	runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') \|\| 'ubuntu-latest' }}
	timeout-minutes: ${{ (matrix.language == 'swift' && 120) \|\| 360 }}
	permissions:
	actions: read
	contents: read
	security-events: write

	strategy:
	fail-fast: false
	matrix:
	include:
	- language: javascript-typescript
	build-mode: none
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: ${{ matrix.language }}
	config-file: ./.github/codeql/codeql-config.yml

	- name: Setup Node.js environment
	uses: actions/setup-node@v3
	with:
	node-version: 16.x
	registry-url: https://npm.pkg.github.com

	- name: Install npm@9
	run: npm i -g npm@9

	- name: Build and test
	run: \|
	npm config set //npm.pkg.github.com/:_authToken=${{ secrets.GPR_ACCESS_TOKEN }}
	npm ci
	npm run ci
	env:
	AZ_DevOps_Read_PAT: ${{ secrets.AZ_DevOps_Read_PAT }}

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3
	with:
	category: "/language:${{matrix.language}}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update codeql.yml (#627) #7

Workflow file

Update codeql.yml (#627) #7

Jobs

Run details

Workflow file for this run