This is an automated email from the ASF dual-hosted git repository.

ppkarwasz pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/commons-xml.git

commit f0ad0bcef2bfab6239635b8482113f5fcb9c878b
Author: Piotr P. Karwasz <[email protected]>
AuthorDate: Sat Apr 25 12:14:30 2026 +0200

    feat: add "CodeQL" workflow
---
 .github/workflows/codeql-analysis.yml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/.github/workflows/codeql-analysis.yml 
b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..d8756c4
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,35 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: CodeQL
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request: { }
+  schedule:
+    - cron: '33 9 * * 4'   # Randomize this expression
+
+# Explicitly drop all permissions for security.
+permissions: { }
+
+jobs:
+  codeql:
+    # Intentionally not pinned: maintained by the same PMC.
+    uses: 
apache/commons-parent/.github/workflows/codeql-analysis-reusable.yml@master
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
\ No newline at end of file

Reply via email to