From 311d94c0b5dd932342231a5c99918cc456ba22f4 Mon Sep 17 00:00:00 2001 From: "M.P. Korstanje" Date: Fri, 1 May 2026 00:59:24 +0200 Subject: [PATCH] Enable CodeQL for .Net --- .github/workflows/codeql-dotnet.yaml | 56 ++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 .github/workflows/codeql-dotnet.yaml diff --git a/.github/workflows/codeql-dotnet.yaml b/.github/workflows/codeql-dotnet.yaml new file mode 100644 index 00000000..e44f9a88 --- /dev/null +++ b/.github/workflows/codeql-dotnet.yaml @@ -0,0 +1,56 @@ +name: codeql-dotnet + +permissions: { } + +on: + push: + branches: + - main + paths: + - dotnet/** + - testdata/** + - .github/** + pull_request: + branches: + - main + paths: + - dotnet/** + - testdata/** + - .github/** + schedule: + - cron: '7 5 * * 3' + +concurrency: + # Cancels in-progress runs only for pull requests + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + analyze: + name: Analyze .Net + runs-on: 'ubuntu-latest' + permissions: + security-events: write + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + - uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 + with: + languages: csharp + build-mode: manual + tools: linked + - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0 + with: + dotnet-version: '10.0.x' + # Setup local NUGET source + - name: Setup local NUGET source + run: mkdir -p ./bin/Release/NuGet + working-directory: dotnet/Cucumber.CCK + # Pack the Cucumber.CCK project first + - name: Pack Cucumber.CCK + run: dotnet pack -c Release + working-directory: dotnet/Cucumber.CCK + - uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 + with: + category: "/language:csharp"