From 5bf35dc687008b7a6aa15330d4bd03329c37282c Mon Sep 17 00:00:00 2001 From: Jauder Ho Date: Tue, 5 Oct 2021 17:22:46 +0000 Subject: [PATCH] Add Dependabot and CodeQL support (#4286) Signed-off-by: Jauder Ho Co-authored-by: Adam Warner --- .github/dependabot.yml | 17 ++++++++++++ .github/workflows/codeql-analysis.yml | 40 +++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..bc08634e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,17 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: saturday + time: "10:00" + open-pull-requests-limit: 10 + target-branch: development + versioning-strategy: increase diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..a4f67b81 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,40 @@ +name: "CodeQL" + +on: + push: + branches: + - master + - development + pull_request: + branches: + - master + - development + schedule: + - cron: '32 11 * * 6' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + permissions: + actions: read + contents: read + security-events: write + + steps: + - + name: Checkout repository + uses: actions/checkout@v2 + # Initializes the CodeQL tools for scanning. + - + name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: 'python' + - + name: Autobuild + uses: github/codeql-action/autobuild@v1 + - + name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1