forked from sandboxie-plus/Sandboxie
-
Notifications
You must be signed in to change notification settings - Fork 0
137 lines (115 loc) · 3.65 KB
/
codeql.yml
File metadata and controls
137 lines (115 loc) · 3.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
name: "CodeQL"
on:
workflow_dispatch:
push:
branches: [ 'master' ]
paths:
- '**.c'
- '**.cpp'
- '**.h'
- '**.hpp'
- '**.def'
- '**.rc'
- '**.idl'
- '**.sln'
- '**.vcxproj'
- '**.vcxproj.filters'
- '**.props'
pull_request:
types:
- opened
branches: [ 'master' ]
paths:
- '**.c'
- '**.cpp'
- '**.h'
- '**.hpp'
- '**.def'
- '**.rc'
- '**.idl'
- '**.sln'
- '**.vcxproj'
- '**.vcxproj.filters'
- '**.props'
schedule:
- cron: '33 7 * * 6'
jobs:
analyze-cpp:
name: Analyze (C/C++)
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
runs-on: windows-2022
timeout-minutes: 60
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
clean: true
- name: Initialize CodeQL (C/C++)
uses: github/codeql-action/init@v4
with:
languages: c-cpp
build-mode: manual
config-file: ./.github/codeql/codeql-config.yml
- name: Load Variables from buildVariables.cmd
id: vars
shell: cmd
run: |
@echo on
call "${{ github.workspace }}\Installer\buildVariables.cmd" build_qt6
echo qt6_version=%qt6_version% >> "%GITHUB_OUTPUT%"
- name: Setup msbuild
uses: microsoft/setup-msbuild@v3
- name: Install Qt6 x64
uses: jurplel/install-qt-action@v4
with:
version: ${{ steps.vars.outputs.qt6_version }}
arch: 'win64_msvc2022_64'
tools: 'tools_opensslv3_x64'
cache: true
- name: Installing Jom
run: SandboxiePlus\install_jom.cmd
- name: Build Sandboxie x86 (DLLs & svc)
run: msbuild /t:build Sandboxie\SandboxDll.sln /p:Configuration="SbieRelease" /p:Platform=Win32 -maxcpucount:8
- name: Build Sandboxie x64 (all)
run: msbuild /t:build Sandboxie\Sandbox.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
- name: Build Sandboxie x64 (drv)
run: msbuild /t:build Sandboxie\SandboxDrv.sln /p:Configuration="SbieRelease" /p:Platform=x64 -maxcpucount:8
- name: Build Sandboxie-Plus x64
run: SandboxiePlus\qmake_plus.cmd x64 build_qt6
- name: Build SbieShell x64
run: msbuild /t:restore,build -p:RestorePackagesConfig=true SandboxiePlus\SbieShell\SbieShell.sln /p:Configuration="Release" /p:Platform=x64
- name: Build Sandboxie-Tools x64
run: msbuild /t:build SandboxieTools\SandboxieTools.sln /p:Configuration="Release" /p:Platform=x64 -maxcpucount:8
- name: Perform CodeQL Analysis (C/C++)
uses: github/codeql-action/analyze@v4
with:
category: "/language:c-cpp"
analyze-other:
name: Analyze
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule'
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ actions, javascript-typescript ]
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Initialize CodeQL (${{ matrix.language }})
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql/codeql-config.yml
- name: Perform CodeQL Analysis (${{ matrix.language }})
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{ matrix.language }}"