name: "CodeQL" # yamllint disable-line rule:truthy on: schedule: - cron: "30 18 * * 4" permissions: {} concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: analyze: name: Analyze runs-on: ubuntu-latest timeout-minutes: 360 permissions: actions: read # To read workflow information for CodeQL contents: read # To check out the repository security-events: write # To upload CodeQL results steps: - name: Check out code from GitHub uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - name: Initialize CodeQL uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: languages: python - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: category: "/language:python"