Skip to content

Commit 65b26a3

Browse files
turbomamclaude
andauthored
ci: add GitHub Actions to CodeQL language matrix (#542)
CodeQL now also scans the workflow files (script injection, secret handling, etc.) alongside Python. build-mode: none already applies to both languages. zizmor and actionlint still run separately and cover overlapping workflow-security ground. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1 parent 2a502e3 commit 65b26a3

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

.github/workflows/codeql.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
strategy:
2121
fail-fast: false
2222
matrix:
23-
language: ['python']
23+
language: ['python', 'actions']
2424
steps:
2525
- name: Checkout
2626
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3

0 commit comments

Comments
 (0)