09e9f3545f
CodeQL / Analyze (push) Waiting to run
dependency-audit / pip-audit (push) Waiting to run
Test / Code Quality (push) Has been cancelled
Test / Test (macos-latest, Python 3.10) (push) Has been cancelled
Test / Test (macos-latest, Python 3.11) (push) Has been cancelled
Test / Test (macos-latest, Python 3.12) (push) Has been cancelled
Test / Test (macos-latest, Python 3.13) (push) Has been cancelled
Test / Test (macos-latest, Python 3.14) (push) Has been cancelled
Test / Test (ubuntu-latest, Python 3.10) (push) Has been cancelled
Test / Test (ubuntu-latest, Python 3.11) (push) Has been cancelled
Test / Test (ubuntu-latest, Python 3.12) (push) Has been cancelled
Test / Test (ubuntu-latest, Python 3.13) (push) Has been cancelled
Test / Test (ubuntu-latest, Python 3.14) (push) Has been cancelled
Test / Test (windows-latest, Python 3.10) (push) Has been cancelled
Test / Test (windows-latest, Python 3.11) (push) Has been cancelled
Test / Test (windows-latest, Python 3.12) (push) Has been cancelled
Test / Test (windows-latest, Python 3.13) (push) Has been cancelled
Test / Test (windows-latest, Python 3.14) (push) Has been cancelled
41 lines
1.1 KiB
YAML
41 lines
1.1 KiB
YAML
name: CodeQL
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
schedule:
|
|
- cron: '0 12 * * 1' # Monday at noon UTC
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: read
|
|
security-events: write
|
|
contents: read
|
|
|
|
steps:
|
|
- uses: actions/checkout@v7
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v4
|
|
with:
|
|
languages: python
|
|
# ``py/clear-text-logging-sensitive-data`` flags every path
|
|
# where a value tagged as secret reaches a print statement,
|
|
# even when the project's local sanitiser
|
|
# ``notebooklm._logging.scrub_secrets`` has already redacted
|
|
# the value. ``codeql-config.yml`` scopes the suppression
|
|
# narrowly to ``scripts/check_rpc_health.py`` (the only
|
|
# script that prints decoded RPC responses for diagnostics);
|
|
# the query still runs everywhere else.
|
|
config-file: .github/codeql-config.yml
|
|
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v4
|