lines changed Original file line number Diff line number Diff line change 1+ version : 2
2+
3+ updates :
4+ # Python dependencies (pip)
5+ - package-ecosystem : " pip"
6+ directory : " /"
7+ schedule :
8+ interval : " weekly"
9+ open-pull-requests-limit : 10
10+ rebase-strategy : " auto"
11+ # Group minor/patch updates to reduce PR noise (Dependabot grouping)
12+ groups :
13+ pip-minor-and-patch :
14+ patterns : ["*"]
15+ update-types : ["minor", "patch"]
16+
17+ # GitHub Actions workflow dependencies
18+ - package-ecosystem : " github-actions"
19+ directory : " /"
20+ schedule :
21+ interval : " weekly"
22+ open-pull-requests-limit : 10
23+ groups :
24+ gha-all :
25+ patterns : ["*"]
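Review bot: The `github-actions` entry at the end of this file omits the `rebase-strategy: "auto"` that the `pip` entry sets explicitly, so the two entries read as though they were meant to behave differently when `auto` is the default for both; either drop the key from the pip entry or add it to the second one. The `gha-all` group also carries no `update-types` filter, unlike `pip-minor-and-patch`. That looks deliberate given the workflow in this same commit references floating major tags (`@v4`, `@v3`), under which Dependabot will, as far as I can tell, only ever propose a new major tag, but a comment would spare the next reader the question, e.g. `# No update-types filter: actions are referenced by major tag, so every update is a major bump`. If the workflow is later pinned to commit SHAs, revisit whether majors should stay grouped with SHA-level bumps.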
Original file line number Diff line number Diff line change 1+ name : " CodeQL"
2+
3+ on :
4+ push :
5+ branches : [ "main" ]
6+ pull_request :
7+ branches : [ "main" ]
8+ schedule :
9+ - cron : " 0 3 * * 1" # Every Monday at 03:00 UTC
10+
11+ jobs :
12+ analyze :
13+ name : Analyze (CodeQL)
14+ runs-on : ubuntu-latest
15+ permissions :
16+ actions : read
17+ contents : read
18+ security-events : write
19+
20+ strategy :
21+ fail-fast : false
22+ matrix :
23+ language : [ "python" ]
24+
25+ steps :
26+ - name : Checkout repository
27+ # v4 of checkout is recommended
28+ uses : actions/checkout@v4
29+
30+ # Optional but helpful: ensures a Python is available if your repo has build steps
31+ - name : Set up Python
32+ uses : actions/setup-python@v5
33+ with :
34+ python-version : " 3.x"
35+
36+ # Optional: install deps so CodeQL can better understand imports (won't fail if file is missing)
37+ - name : Install dependencies (optional)
38+ run : |
39+ if [ -f requirements.txt ]; then
40+ pip install -r requirements.txt
41+ fi
42+
43+ - name : Initialize CodeQL
44+ uses : github/codeql-action/init@v3
45+ with :
46+ languages : ${{ matrix.language }}
47+
48+ # For Python, autobuild is generally no-op, but keep it for consistency
49+ - name : Autobuild
50+ uses : github/codeql-action/autobuild@v3
51+
52+ - name : Perform CodeQL Analysis
53+ uses : github/codeql-action/analyze@v3
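Review bot: Every `uses:` reference in the `analyze` job (`actions/checkout@v4`, `actions/setup-python@v5`, `github/codeql-action/init@v3`, `autobuild@v3`, `analyze@v3`) points at a mutable major tag, so the code that runs with `security-events: write` can change without any commit to this repository. Pinning each to a full-length commit SHA with the tag in a trailing comment, e.g. `uses: actions/checkout@<FULL-COMMIT-SHA>  # v4`, makes the run reproducible, and the `github-actions` Dependabot entry added in this commit will keep those SHAs current. Separately, the `Install dependencies (optional)` step runs whatever `requirements.txt` a pull request carries, which executes package build code on the runner; that is acceptable under the `pull_request` trigger (fork PRs get no repository secrets there), so the trigger should not later be switched to `pull_request_target` without dropping that step. The `# Optional but helpful` comment on the setup-python step could also say that CodeQL for Python does not need the install step to produce results, which is what "optional" means here.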