Code Analysis #43

	name: Code Analysis

	on:
	schedule:
	- cron: '40 0 * * 1'

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	analyze:
	name: "Analyze ${{ matrix.os }} / ${{ matrix.python-version }}"
	runs-on: ${{ matrix.os }}-latest

	strategy:
	fail-fast: false
	matrix:
	os: [ Ubuntu ]
	language: [ "python" ]
	python-version: [ "3.11" ]

	permissions:
	actions: read
	contents: read
	security-events: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Set up Python ${{ matrix.python-version }}
	uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.python-version }}
	cache: pip
	allow-prereleases: true

	- name: Install dependencies
	run: \|
	echo "::group::Pip dependencies"
	python -m pip install --upgrade pip setuptools wheel
	python -m pip install --upgrade -r requirements-dev.txt -r requirements.txt
	python -m pip install .
	echo "::endgroup::"

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: ${{ matrix.language }}
	setup-python-dependencies: false

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3

	- name: Run pip audit
	uses: pypa/[email protected]
	continue-on-error: true
	with:
	inputs: requirements.txt requirements-dev.txt

Provide feedback