This is an automated email from the ASF dual-hosted git repository. ppkarwasz pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/commons-xml.git
commit f0ad0bcef2bfab6239635b8482113f5fcb9c878b Author: Piotr P. Karwasz <[email protected]> AuthorDate: Sat Apr 25 12:14:30 2026 +0200 feat: add "CodeQL" workflow --- .github/workflows/codeql-analysis.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..d8756c4 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,35 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: CodeQL + +on: + push: + branches: [ "master" ] + pull_request: { } + schedule: + - cron: '33 9 * * 4' # Randomize this expression + +# Explicitly drop all permissions for security. +permissions: { } + +jobs: + codeql: + # Intentionally not pinned: maintained by the same PMC. + uses: apache/commons-parent/.github/workflows/codeql-analysis-reusable.yml@master + permissions: + actions: read + contents: read + security-events: write \ No newline at end of file
