mirror of
https://github.com/github/codeql-action.git
synced 2026-01-03 13:10:06 +08:00
b1bfc45906
Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) Updates `actions/create-github-app-token` from 2.0.6 to 2.1.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/create-github-app-token dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
50 lines
1.1 KiB
YAML
50 lines
1.1 KiB
YAML
name: Check queries that ran
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- releases/v*
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- ready_for_review
|
|
schedule:
|
|
- cron: '0 5 * * *'
|
|
workflow_dispatch: {}
|
|
|
|
jobs:
|
|
expected-queries:
|
|
name: Expected Queries Tests
|
|
env:
|
|
CODEQL_ACTION_TEST_MODE: true
|
|
timeout-minutes: 45
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
security-events: read
|
|
steps:
|
|
- name: Check out repository
|
|
uses: actions/checkout@v5
|
|
- name: Prepare test
|
|
id: prepare-test
|
|
uses: ./.github/actions/prepare-test
|
|
with:
|
|
version: linked
|
|
- uses: ./../action/init
|
|
with:
|
|
languages: javascript
|
|
tools: ${{ steps.prepare-test.outputs.tools-url }}
|
|
- uses: ./../action/analyze
|
|
with:
|
|
output: ${{ runner.temp }}/results
|
|
|
|
- name: Check Sarif
|
|
uses: ./../action/.github/actions/check-sarif
|
|
with:
|
|
sarif-file: ${{ runner.temp }}/results/javascript.sarif
|
|
queries-run: js/incomplete-hostname-regexp,js/path-injection
|
|
queries-not-run: foo,bar
|