This repository has been archived on 2024-11-11. You can view files and clone it, but cannot push or open issues or pull requests.
socketio-jwt/.github/workflows/codeql-analysis.yml

42 lines
1.3 KiB
YAML
Raw Normal View History

2020-12-27 17:40:00 +01:00
# For more information see: https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code
name: 'CodeQL'
on:
push:
branches: [master, develop]
pull_request_review:
branches: [master, develop]
types: [submitted]
jobs:
analyze:
if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
name: 'Analyze'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
language: ['javascript']
steps:
- name: 'Checkout repository'
uses: actions/checkout@v2
with:
fetch-depth: 2
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- name: 'Initialize CodeQL'
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
- name: 'Autobuild'
uses: github/codeql-action/autobuild@v1
- name: 'Perform CodeQL Analysis'
uses: github/codeql-action/analyze@v1