Skip to content

CodeQL Analysis

CodeQL Analysis #31

Workflow file for this run

# This workflow runs the latest CodeQL CLI and checks against CodeQL's Cpp library.
# This is the source for the GitHub Security Code Scanning job.
name: "CodeQL Analysis"
on:
push:
branches:
- main
- develop
paths-ignore:
- '**.md'
- 'LICENSE'
pull_request:
# The branches below must be a subset of the branches above
branches:
- main
- develop
# Allow manual scheduling
workflow_dispatch:
jobs:
analyze:
name: Analysis
runs-on: windows-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'cpp' ]
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Install Nuget Packages
run: nuget restore .\packages.config -PackagesDirectory .\packages\
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
config-file: microsoft/Windows-Driver-Developer-Supplemental-Tools/config/codeql-config.yml@jacob-ronstadt/isolation
- name: Retrieve and build all available solutions
run: .\Build-AllSamples.ps1 -Verbose -ThrottleLimit 1
env:
WDS_Configuration: Debug
WDS_Platform: x64
WDS_WipeOutputs: ${{ true }}
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"