README.md

CodeQL Workflows

This directory contains CodeQL security scanning workflows for the organization.

Workflows

codeql-org-security.yml

Main security workflow that scans:

  • JavaScript/TypeScript - No build required
  • Python - No build required
  • Go - Uses autobuild
  • Ruby - No build required

Note: This workflow intentionally excludes C++, Java, C#, and Swift because:

  1. The CodeQL repository has complex build requirements for these languages
  2. The repository already has dedicated workflows for these languages (see codeql-analysis.yml, cpp-swift-analysis.yml, etc.)
  3. For your own organization's simpler projects, you can add these languages back

codeql-monorepo.yml

Specialized workflow for monorepo setups with automatic language detection.

codeql-pr-checks.yml

Optimized workflow for pull requests that only scans changed files.

For Your Organization's Projects

When you copy these workflows to your other repositories, you can enable all languages:

language: [ 'javascript', 'python', 'java', 'csharp', 'cpp', 'go', 'ruby', 'swift' ]

Most projects have simpler build requirements and autobuild will work fine.

Customizing Builds

If autobuild fails in your projects, replace it with manual build steps:

# Example for Java with Maven
- name: Build with Maven
  if: matrix.language == 'java'
  run: mvn clean install -DskipTests

# Example for C++ with make
- name: Build C++
  if: matrix.language == 'cpp'
  run: |
    ./configure
    make

# Example for C# with dotnet
- name: Build C#
  if: matrix.language == 'csharp'
  run: |
    dotnet restore
    dotnet build
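
The following workflow is an added example, not one of the files in this directory. It shows where a manual build step sits in a job: after the CodeQL init step and before analyze, gated on the matrix language, so that the compiler invocations are observed for compiled languages. The action version tags, the `main` branch, the `ubuntu-latest` runner and the reduced language matrix are assumptions.

```yaml
# Added example, not the repository's own workflow file.
name: CodeQL (example)
on:
  push:
    branches: [main]        # assumed default branch
  pull_request:
    branches: [main]

permissions:
  contents: read            # checkout only
  security-events: write    # needed to upload results to code scanning

jobs:
  analyze:
    runs-on: ubuntu-latest  # assumed runner
    strategy:
      fail-fast: false      # one language failing should not cancel the others
      matrix:
        language: [ 'javascript', 'python', 'java', 'go' ]
    steps:
      - uses: actions/checkout@v4

      # init runs before any build so CodeQL can trace the compilation
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}

      # Go keeps autobuild, as described for codeql-org-security.yml
      - name: Autobuild
        if: matrix.language == 'go'
        uses: github/codeql-action/autobuild@v3

      # Java: manual build step used in place of autobuild
      - name: Build with Maven
        if: matrix.language == 'java'
        run: mvn clean install -DskipTests

      # JavaScript and Python need no build step and go straight to analysis
      - name: Analyze
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
```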

See Also