Skip to content

Security

Security #60

Workflow file for this run

name: "Security"
on:
schedule:
- cron: '0 0 * * *'
jobs:
codeql:
name: CodeQL (${{ matrix.name }})
runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-24.04' }}
permissions:
security-events: write
strategy:
fail-fast: false
matrix:
include:
- name: GitHub Actions
language: actions
build-mode: none
- name: Swift
language: swift
build-mode: manual
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Run post-clone script
env:
TMDB_ACCESS_TOKEN: ${{ secrets.TMDB_ACCESS_TOKEN }}
run: ./ci_scripts/ci_post_clone.sh
- name: Xcode 26.0 beta icon bug workaround
run : rm -rf ./Kinova/AppIcon.icon
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- if: matrix.language == 'swift'
name: Select Xcode version
run: sudo xcode-select -s /Applications/Xcode_26.0.app
- if: matrix.language == 'swift'
name: Build with Xcode
run: |
xcrun xcodebuild clean build \
-project Kinova.xcodeproj \
-scheme Kinova \
CODE_SIGNING_ALLOWED=NO
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"