5959 useConfigFile : true
6060 configFilePath : .github/.gitversion.yml
6161
62+ CodeQL-Analyze :
63+ runs-on : ubuntu-latest
64+ permissions :
65+ actions : read
66+ contents : read
67+ security-events : write
68+ strategy :
69+ fail-fast : false
70+ matrix :
71+ language : [ 'csharp' ]
72+
73+ steps :
74+ - name : Checkout repository
75+ uses : actions/checkout@v3
76+ with :
77+ fetch-depth : 0
78+
79+ - uses : actions/setup-dotnet@v3
80+ with :
81+ dotnet-version : " 6.0.x"
82+
83+ - name : Enable NuGet cache
84+ 85+ with :
86+ path : ~/.nuget/packages
87+ key : ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }}
88+ restore-keys : |
89+ ${{ runner.os }}-nuget
90+
91+ name : Initialize CodeQL
92+ uses : github/codeql-action/init@v2
93+ with :
94+ languages : ${{ matrix.language }}
95+
96+ - name : Restore dependencies
97+ run : dotnet restore
98+ working-directory : ./src
99+
100+ - name : Build Solution
101+ run : dotnet build -c ${{ env.BUILD_CONFIG }} --nologo ${{ env.SOLUTION }}
102+ working-directory : ./src
103+
104+ - name : Perform CodeQL Analysis
105+ uses : github/codeql-action/analyze@v2
106+
62107 analyze :
63108 runs-on : ubuntu-latest
64109 permissions :
@@ -97,11 +142,6 @@ jobs:
97142 restore-keys : |
98143 ${{ runner.os }}-nuget
99144
100- name : Initialize CodeQL
101- uses : github/codeql-action/init@v2
102- with :
103- languages : ${{ matrix.language }}
104-
105145name : Nuget Vulnerabiilty Scan
106146 run : |
107147 dotnet list package --vulnerable 2>&1 | tee vulnerable.txt
@@ -124,9 +164,6 @@ jobs:
124164 sed -i "s/OSSINDEXAPI_USERNAME/$OSSINDEXAPI_USERNAME/g" NuGetDefense.json
125165 nugetdefense -p src/${{ env.SOLUTION }} --settings-file NuGetDefense.json
126166
127- name : Perform CodeQL Analysis
128- uses : github/codeql-action/analyze@v2
129-
130167name : Secret detection
131168132169
0 commit comments