CodeQL #2035

Workflow file for this run

.github/workflows/checks.codeql.yml at f7938ee

	name: "CodeQL"

	"on":
	workflow_dispatch: {}
	workflow_call:
	inputs: {}
	secrets:
	GRADLE_CONFIGURATION_KEY:
	description: "Gradle cache key"
	required: false
	BUILDLESS_APIKEY:
	description: "Buildless key"
	required: false

	schedule:
	- cron: "0 0-23/2 * * *"

	push:
	branches:
	- main

	permissions:
	contents: read

	jobs:
	analyze:
	name: CodeQL
	runs-on: ubuntu-latest
	continue-on-error: true
	permissions:
	actions: read
	contents: read
	security-events: write
	strategy:
	fail-fast: false
	matrix:
	language: ["java-kotlin"]
	steps:
	- name: "Setup: Harden Runner"
	uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
	with:
	egress-policy: audit
	- name: "Setup: Checkout"
	uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	with:
	persist-credentials: false
	- name: "Setup: Cache Restore (Build)"
	id: cache-restore-build
	uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
	with:
	key: pkl-v1-build-${{ hashFiles('gradle/libs.versions.toml') }}
	restore-keys: \|
	pkl-v1-build-${{ hashFiles('gradle/libs.versions.toml') }}
	pkl-v1-build-
	pkl-v1-
	pkl-
	path: \|
	.gradle/
	build/
	.codebase/
	.kotlin/
	./*/build/bin
	./*/build/classes
	./*/build/kotlin
	./*/build/klib
	./*/build/generated
	./*/build/generated-sources
	- name: "Setup: Java 21"
	uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
	with:
	distribution: 'adopt'
	java-version: '21'
	- name: "Setup: Initialize CodeQL"
	uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
	with:
	config-file: ./.github/codeql/codeql-config.yml
	languages: ${{ matrix.language }}
	- name: "Analysis: Build"
	uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
	continue-on-error: true
	env:
	CI: true
	BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
	with:
	cache-read-only: true
	cache-encryption-key: ${{ secrets.GRADLE_CONFIGURATION_KEY }}
	arguments: \|
	compileKotlin
	compileJava
	assemble
	-x test
	-x check
	- name: "Analysis: CodeQL"
	uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
	continue-on-error: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CodeQL #2035

Workflow file

CodeQL #2035

Jobs

Run details

Workflow file for this run