Skip to content

Pin app-store to v1.0.1 release tag (#321) #887

Pin app-store to v1.0.1 release tag (#321)

Pin app-store to v1.0.1 release tag (#321) #887

Workflow file for this run

name: "CodeQL"
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: "0 6 * * 1" # weekly, Monday 6 AM UTC
# Workflow-level default — least privilege. The analyze job elevates
# security-events to write for the CodeQL upload step.
permissions:
contents: read
jobs:
analyze:
name: Analyze Go
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: actions/checkout@v7
- uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql/codeql-config.yml
- uses: github/codeql-action/autobuild@v3
- uses: github/codeql-action/analyze@v3