Skip to content

Code Analysis

Code Analysis #86

Workflow file for this run

name: Code Analysis
on:
schedule:
- cron: '04 2 * * 4'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
analyze:
name: Code Analysis
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ "python" ]
python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12" ]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: pip
- name: Install dependencies
run: |
echo "::group::Pip dependencies"
python -m pip install --upgrade pip setuptools wheel
python -m pip install --upgrade -r requirements-dev.txt -r requirements.txt
python -m pip install .
echo "::endgroup::"
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
setup-python-dependencies: false
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
languages: ${{ matrix.language }}
- name: Run pip audit
uses: pypa/[email protected]
continue-on-error: true
with:
inputs: requirements.txt requirements-dev.txt