Try GitHub CodeQL

whyoleg · whyoleg · commit 900cdb5cab05 · 2025-06-25T00:14:03.000+03:00
diff --git a/.github/workflows/run-checks.yml b/.github/workflows/run-checks.yml
@@ -7,6 +7,9 @@ jobs:
   build-project:
     uses: ./.github/workflows/run-build-project.yml
 
+  codeql:
+    uses: ./.github/workflows/run-codeql.yml
+
   build-website:
     needs: [ build-project ]
     uses: ./.github/workflows/run-build-website.yml
diff --git a/.github/workflows/run-codeql.yml b/.github/workflows/run-codeql.yml
@@ -0,0 +1,20 @@
+name: CodeQL
+on:
+  workflow_dispatch:
+  workflow_call:
+
+jobs:
+  analyze:
+    runs-on: macos-latest
+    permissions:
+      security-events: write
+      packages: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/setup-environment
+
+      - uses: github/codeql-action/init@v3
+        with:
+          languages: actions, kotlin
+
+      - uses: github/codeql-action/analyze@v3
