.github/workflows/codeql.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

name: CodeQL security scan

on:
  pull_request:
  schedule:
    - cron:  '0 12 * * *'

permissions:
  contents: read
  security-events: write
  pull-requests: read

jobs:
  codeql:
    name: CodeQL security scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: java
      - name: Build debug APK
        run: bash ./gradlew assembleDev --stacktrace
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3