Skip to content

deps(website): bump astro in /website in the astro group (#9) #107

deps(website): bump astro in /website in the astro group (#9)

deps(website): bump astro in /website in the astro group (#9) #107

Workflow file for this run

name: "CodeQL — security & quality"
# Static analysis of the SkillFishOS sources (Python apps + tooling, and the
# Astro/JS-TS website) with the extended "security-and-quality" query suite.
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: "27 4 * * 1" # weekly, Monday 04:27 UTC
workflow_dispatch:
permissions:
contents: read
security-events: write # required to upload CodeQL results
actions: read
jobs:
analyze:
name: Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 60
strategy:
fail-fast: false
matrix:
include:
- language: python
build-mode: none
- language: javascript-typescript
build-mode: none
steps:
- name: Checkout
uses: actions/checkout@v7
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
# Extended suite: security findings PLUS code-quality/maintainability.
queries: security-and-quality
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{ matrix.language }}"