Skip to content

Bump github/codeql-action from 2 to 3 #22

Bump github/codeql-action from 2 to 3

Bump github/codeql-action from 2 to 3 #22

Workflow file for this run

# This workflow checks out code, performs a Codacy security scan and integrates
# the results with the GitHub Advanced Security code scanning feature.
# For more information on the Codacy security scan action usage and parameters,
# https://github.com/codacy/codacy-analysis-cli-action.
# For more information on Codacy Analysis CLI in general,
# https://github.com/codacy/codacy-analysis-cli.
name: Codacy Security Scan
on:
push:
branches: [main]
pull_request:
# The branches below must be a subset of the branches above.
branches: [main]
schedule:
- cron: "0 0 1 * *"
permissions:
contents: read
jobs:
codacy-security-scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Run Codacy Analysis CLI
uses: codacy/codacy-analysis-cli-action@v4
with:
output: results.sarif
format: sarif
# Adjust severity of non-security issues
gh-code-scanning-compat: true
# Force 0 exit code to allow SARIF file generation
# This will handover control about PR rejection to the GitHub side
max-allowed-issues: 2147483647
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif