Update comment line numbers for clarity in project_a_vuln.py and proj… #162
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Workflow for scanning code with CodeQL | |
| name: codeql-wrapper-monorepo-only-changed-files | |
| # Trigger workflow | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| jobs: | |
| codeql-analysis: | |
| name: codeql-wrapper-monorepo-pr | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Python | |
| run: | | |
| chmod +x ./install_python.sh | |
| ./install_python.sh | |
| # https://test.pypi.org/project/codeql-wrapper/ | |
| - name: Install CodeQL Wrapper | |
| run: | | |
| pip install -i https://test.pypi.org/simple/ codeql-wrapper | |
| codeql-wrapper --version | |
| - name: Run CodeQL Analysis | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PAT }} | |
| run: | | |
| curl -s -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user | |
| codeql-wrapper --verbose analyze ./monorepo \ | |
| --monorepo \ | |
| --upload-sarif \ | |
| --only-changed-files |