1name: "CodeQL" 2 3on: [push, pull_request] 4 5jobs: 6 analyze: 7 name: Analyze 8 runs-on: ubuntu-20.04 9 10 strategy: 11 fail-fast: false 12 matrix: 13 # Override automatic language detection by changing the below list 14 # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] 15 language: ['cpp', 'python'] 16 # Learn more... 17 # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection 18 19 steps: 20 - name: Checkout repository 21 uses: actions/checkout@v2 22 23 - name: Install missing software on ubuntu 24 run: | 25 sudo apt-get update 26 sudo apt-get install libxml2-utils 27 sudo apt-get install libz3-dev libz3-4 28 29 # Initializes the CodeQL tools for scanning. 30 - name: Initialize CodeQL 31 uses: github/codeql-action/init@v1 32 with: 33 languages: ${{ matrix.language }} 34 # If you wish to specify custom queries, you can do so here or in a config file. 35 # By default, queries listed here will override any specified in a config file. 36 # Prefix the list here with "+" to use these queries and those in the config file. 37 # queries: ./path/to/local/query, your-org/your-repo/queries@main 38 setup-python-dependencies: false 39 40 - run: | 41 make -j$(nproc) USE_Z3=yes HAVE_RULES=yes cppcheck 42 43 - name: Perform CodeQL Analysis 44 uses: github/codeql-action/analyze@v1 45