CodeQL code scanning
This commit is contained in:
@@ -0,0 +1,67 @@
|
||||
name: "CodeQL Advanced"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [release, beta]
|
||||
pull_request:
|
||||
branches: [beta]
|
||||
paths-ignore:
|
||||
- '**.md'
|
||||
schedule:
|
||||
- cron: '43 2 * * 5'
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze C++
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
# required for all workflows
|
||||
security-events: write
|
||||
|
||||
# required to fetch internal or private CodeQL packs
|
||||
packages: read
|
||||
|
||||
# only required for workflows in private repositories
|
||||
actions: read
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
submodules: recursive
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: c-cpp
|
||||
build-mode: manual
|
||||
dependency-caching: true
|
||||
|
||||
- name: Install dependencies
|
||||
run: sudo apt-get update && sudo apt-get install -y
|
||||
libasound2-dev
|
||||
libgl-dev
|
||||
libglu1-mesa-dev
|
||||
libgtk-3-dev
|
||||
libjack-dev
|
||||
libmad0-dev
|
||||
libpulse-dev
|
||||
libudev-dev
|
||||
libxinerama-dev
|
||||
libx11-dev
|
||||
libxrandr-dev
|
||||
libxtst-dev
|
||||
nasm
|
||||
|
||||
- name: Configure
|
||||
run: cmake -B build -DWITH_FFMPEG_JOBS="$(nproc)"
|
||||
|
||||
- name: Build
|
||||
run: cmake --build build --parallel "$(nproc)"
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
with:
|
||||
category: "/language:c-cpp"
|
||||
Reference in New Issue
Block a user