Skip to content

Merge pull request #380 from maxmind/dependabot/github_actions/astral… #1390

Merge pull request #380 from maxmind/dependabot/github_actions/astral…

Merge pull request #380 from maxmind/dependabot/github_actions/astral… #1390

name: "Code scanning - action"
on:
push:
branches-ignore:
- 'dependabot/**'
pull_request:
schedule:
- cron: '0 18 * * 0'
permissions: {}
jobs:
CodeQL-Build:
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
fetch-depth: 2
submodules: true
persist-credentials: false
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- name: Initialize CodeQL
uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1
with:
languages: python, cpp
- name: Install the latest version of uv
uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
- run: uv build
env:
MAXMINDDB_REQUIRE_EXTENSION: 1
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1