# See https://github.com/github/codeql-action/tree/v1 for more information. name: CodeQL on: push: branches: [main, stable-*] paths: - .github/workflows/codeql.yml - "**/*.go" - "**/*.js" - "**/*.jsx" pull_request: # The branches below must be a subset of the branches above branches: [main, stable-*] paths: - .github/workflows/codeql.yml - "**/*.go" - "**/*.js" - "**/*.jsx" jobs: analyze: name: Analyze runs-on: ubuntu-22.04 permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: - go - javascript steps: - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: "1.22" - name: Checkout uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Initialize # Unpinned action version so that we automatically get analyzer updates. uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} - name: Analyze uses: github/codeql-action/analyze@v3