name: "CodeQL" on: schedule: - cron: '0 0 * * *' workflow_dispatch: jobs: codeql: name: 🐛 CodeQL runs-on: ubuntu-24.04 permissions: actions: read contents: read security-events: write steps: - name: 🧰 Checkout uses: actions/checkout@v4 with: submodules: recursive - name: ✋ Initialize CodeQL uses: github/codeql-action/init@v2 with: languages: 'cpp' - name: 📜 Setup ccache uses: hendrikmuhs/ccache-action@v1 with: key: ${{ runner.os }}-analysis-build-${{ github.run_id }} restore-keys: ${{ runner.os }}-analysis-build max-size: 50M - name: 📜 Restore CMakeCache uses: actions/cache@v4 with: path: | build/CMakeCache.txt key: ${{ runner.os }}-analysis-build-${{ hashFiles('**/CMakeLists.txt') }} - name: ⬇️ Install dependencies run: | sudo apt update sudo bash dist/get_deps_debian.sh - name: 🛠️ Build run: | set -x mkdir -p build cd build CC=gcc-14 CXX=g++-14 cmake \ -DCMAKE_BUILD_TYPE=$BUILD_TYPE \ -DCMAKE_INSTALL_PREFIX="$PWD/install" \ -DCMAKE_C_COMPILER_LAUNCHER=ccache \ -DCMAKE_CXX_COMPILER_LAUNCHER=ccache \ -DCMAKE_C_FLAGS="-fuse-ld=lld" \ -DCMAKE_CXX_FLAGS="-fuse-ld=lld" \ -DIMHEX_PATTERNS_PULL_MASTER=ON \ .. make -j 4 install - name: 🗯️ Perform CodeQL Analysis uses: github/codeql-action/analyze@v2