SF-3508 Use mat-card to show draft progress in new draft history UI #9075
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL" | |
| permissions: {} | |
| on: | |
| push: | |
| branches: ["master", "develop", "sf-live", "sf-qa"] | |
| pull_request: | |
| merge_group: | |
| schedule: | |
| - cron: "34 18 * * 2" | |
| jobs: | |
| analyze-javascript: | |
| name: Analyze JavaScript | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: javascript | |
| config-file: ./.github/codeql/codeql-javascript-config.yml | |
| dependency-caching: true | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| analyze-csharp: | |
| name: Analyze C# | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| matrix: | |
| dotnet_version: ["8.0.x"] | |
| node_version: ["22.13.0"] | |
| npm_version: ["10.9.2"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: "Deps: .NET" | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{matrix.dotnet_version}} | |
| cache: true | |
| cache-dependency-path: src/SIL.XForge.Scripture/packages.lock.json | |
| - name: Use Node.js ${{ matrix.node_version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node_version }} | |
| cache: "npm" | |
| cache-dependency-path: | | |
| src/SIL.XForge.Scripture/ClientApp/package-lock.json | |
| src/RealtimeServer/package-lock.json | |
| - name: Upgrade npm | |
| run: npm install -g npm@${{matrix.npm_version}} | |
| # Install NPM dependencies. This is an attempt to fix errors building TypeScript that occur in the Autobuild step. | |
| # They might be caused by NPM dependencies not being successfully installed before trying to build. If this | |
| # doesn't prevent those errors, we should remove this step. | |
| # Another possible approach would be to create a C# build config that does not build the realtime server at all, | |
| # which would result in faster analysis and remove this failure mode. | |
| - name: Install realtime-server dependencies | |
| run: cd src/RealtimeServer && (npm ci || (sleep 3m && npm ci)) | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: csharp | |
| queries: security-and-quality | |
| dependency-caching: true | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| upload: False | |
| output: sarif-results | |
| - name: filter-sarif | |
| uses: advanced-security/filter-sarif@v1 | |
| with: | |
| patterns: | | |
| -**/*Tests.cs:cs/hardcoded-credentials | |
| input: sarif-results/csharp.sarif | |
| output: sarif-results/csharp.sarif | |
| - name: Upload SARIF | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: sarif-results/csharp.sarif | |
| analyze-python: | |
| name: Analyze Python | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: python | |
| queries: security-and-quality | |
| dependency-caching: true | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v3 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 |