name: "CodeQL" # yamllint disable-line rule:truthy on: schedule: - cron: "30 18 * * 4" permissions: {} concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: analyze: name: Analyze runs-on: ubuntu-latest timeout-minutes: 360 permissions: actions: read # To read workflow information for CodeQL contents: read # To check out the repository security-events: write # To upload CodeQL results steps: - name: Check out code from GitHub uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Initialize CodeQL uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: languages: python - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: category: "/language:python"