Skip to content

Code Analysis

Code Analysis #70

Workflow file for this run

name: Code Analysis
on:
schedule:
- cron: '40 0 * * 1'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
analyze:
name: "Analyze ${{ matrix.os }} / ${{ matrix.python-version }}"
runs-on: ${{ matrix.os }}-latest
strategy:
fail-fast: false
matrix:
os: [ Ubuntu ]
language: [ "python" ]
python-version: [ "3.11" ]
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: pip
allow-prereleases: true
- name: Install dependencies
run: |
echo "::group::Pip dependencies"
python -m pip install --upgrade pip setuptools wheel
python -m pip install --upgrade -r requirements-dev.txt -r requirements.txt
python -m pip install .
echo "::endgroup::"
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
setup-python-dependencies: false
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
- name: Run pip audit
uses: pypa/[email protected]
continue-on-error: true
with:
inputs: requirements.txt requirements-dev.txt