.github/workflows/codeql.yml

   1 name: "CodeQL"
   2
   3 on:
   4   push:
   5     branches: [ "master" ]
   6   pull_request:
   7     branches: [ "master" ]
   8   schedule:
   9     - cron: '31 12 * * 1'
  10
  11 jobs:
  12   analyze:
  13     name: Analyze (c-cpp)
  14     runs-on: ubuntu-latest
  15     timeout-minutes: 360
  16     permissions:
  17       security-events: write
  18
  19     steps:
  20       - name: Install Dependencies
  21         run: |
  22           sudo apt update && sudo apt install cmake make gcc pkg-config python3 libjson-c-dev lua5.1 liblua5.1-0-dev
  23
  24       - name: Checkout repository
  25         uses: actions/checkout@v4
  26
  27       # Initializes the CodeQL tools for scanning.
  28       - name: Initialize CodeQL
  29         uses: github/codeql-action/init@v3
  30         with:
  31           languages: c-cpp
  32           queries: security-and-quality
  33
  34       - name: Install libubox
  35         run: |
  36           cmake -DBUILD_EXAMPLES=OFF
  37           make
  38           sudo make install
  39
  40       - name: Perform CodeQL Analysis
  41         uses: github/codeql-action/analyze@v3
  42         with:
  43           category: "/language:c-cpp"