--- /dev/null
+# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+#
+# SPDX-License-Identifier: curl
+#
+# https://github.com/microsoft/msvc-code-analysis-action
+
+name: Microsoft C++ Code Analysis
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ branches: [ "master" ]
+
+env:
+ # Path to the CMake build directory.
+ build: '${{ github.workspace }}/build'
+
+permissions:
+ contents: read
+
+jobs:
+ analyze:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ name: Analyze
+ runs-on: windows-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: Configure CMake
+ run: cmake -B ${{ env.build }}
+
+ - name: Build CMake
+ run: cmake --build ${{ env.build }}
+
+ - name: Generate an empty lib1521.c
+ run: |
+ echo "int main(void) { return 0; }" > ${{ env.build }}/tests/libtest/lib1521.c
+
+ - name: Initialize MSVC Code Analysis
+ uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99
+ # Provide a unique ID to access the sarif output path
+ id: run-analysis
+ with:
+ cmakeBuildDirectory: ${{ env.build }}
+ # Ruleset file that will determine what checks will be run
+ ruleset: NativeRecommendedRules.ruleset
+
+ # Upload SARIF file to GitHub Code Scanning Alerts
+ - name: Upload SARIF to GitHub
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: ${{ steps.run-analysis.outputs.sarif }}
+
+ # Upload SARIF file as an Artifact to download and view
+ # - name: Upload SARIF as an Artifact
+ # uses: actions/upload-artifact@v3
+ # with:
+ # name: sarif-file
+ # path: ${{ steps.run-analysis.outputs.sarif }}
projects / thirdparty / curl.git / commitdiff
