.github/workflows/gha-codeql.yml - llvm-project - Git at Google

 name: Github Actions CodeQL

 permissions:
   contents: read

 on:
   pull_request:
     branches:
       - main
     paths:
       - '.github/**'
   schedule:
     - cron: '30 0 * * *'

 concurrency:
   group: ${{ github.workflow }}
   cancel-in-progress: true

 jobs:
   codeql:
     name: 'Github Actions CodeQL'
     runs-on: ubuntu-24.04
     permissions:
       security-events: write
     steps:
       - name: Checkout LLVM
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           sparse-checkout: |
             .github/
       - name: Initialize CodeQL
         uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
         with:
           languages: actions
           queries: security-extended
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
	name: Github Actions CodeQL

	permissions:
	contents: read

	on:
	pull_request:
	branches:
	- main
	paths:
	- '.github/**'
	schedule:
	- cron: '30 0 * * *'

	concurrency:
	group: ${{ github.workflow }}
	cancel-in-progress: true

	jobs:
	codeql:
	name: 'Github Actions CodeQL'
	runs-on: ubuntu-24.04
	permissions:
	security-events: write
	steps:
	- name: Checkout LLVM
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	with:
	sparse-checkout: \|
	.github/
	- name: Initialize CodeQL
	uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
	with:
	languages: actions
	queries: security-extended
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2