[geos-commits] [SCM] GEOS branch main updated. a8d2ed0aba46f88f9b8987526e68eea6565d16ae

git at osgeo.org git at osgeo.org
Thu Feb 8 12:09:42 PST 2024


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GEOS".

The branch, main has been updated
       via  a8d2ed0aba46f88f9b8987526e68eea6565d16ae (commit)
      from  611b69a7a4eaf72a892c8379fd1e264f2aaa6124 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a8d2ed0aba46f88f9b8987526e68eea6565d16ae
Author: Even Rouault <even.rouault at spatialys.com>
Date:   Thu Feb 8 21:09:24 2024 +0100

    CI: add CodeQL static analyzer (#1045)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 000000000..1ea5cdc18
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,68 @@
+name: "CodeQL"
+
+on:
+  push:
+  pull_request:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners
+    # Consider using larger runners for possible analysis time improvements.
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'c-cpp' ]
+        # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+        # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
+        # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout at v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init at v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+    - name: Install dependencies
+      run: |
+          sudo apt-get install -y cmake g++
+
+    - name: Build
+      run: |
+          mkdir build
+          cd build
+          cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo
+          make -j$(nproc)
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze at v3
+      with:
+        category: "/language:${{matrix.language}}"
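
Review bot: The three `uses:` lines in `steps` (checkout, `codeql-action/init`, `codeql-action/analyze`) reference the actions by the movable tags v4 and v3, and the job that runs them holds `security-events: write`. Pinning each to a full commit SHA, with the tag kept in a trailing comment, would mean a retagged or compromised release of an action cannot change what runs here without a visible diff in this file. In the "Install dependencies" step, `sudo apt-get install -y cmake g++` runs without a preceding `sudo apt-get update`, which can fail when the runner image's package index is stale. The `runs-on` and `timeout-minutes` expressions still branch on `matrix.language == 'swift'` although the matrix only contains 'c-cpp'. Replacing them with plain `ubuntu-latest` and a fixed timeout would make the file easier to audit. The `queries:` line is left commented out, so only the default query suite runs. If the intent is security coverage for the C++ code base, consider whether `security-extended` should be enabled.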

-----------------------------------------------------------------------

Summary of changes:
 .github/workflows/codeql.yml | 68 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 .github/workflows/codeql.yml


hooks/post-receive
-- 
GEOS

