Skip to content

ci: Set up CodeQL analysis w/ fix #328

ci: Set up CodeQL analysis w/ fix

ci: Set up CodeQL analysis w/ fix #328

Workflow file for this run

# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
name: Node CI
on: [push, pull_request]
jobs:
test:
name: NodeJS ${{ matrix.node-version }} on ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
node-version: [18.x, 20.x]
os: [ubuntu-latest, windows-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Environment Information
run: |
node --version
npm --version
# "bin/templates/platform_www/cordova.js" is ignored because it is generated file.
# It contains mixed content from npm package "cordova-js" & "./cordova-js-src".
# The report might not be resovable because of the external package.
# If report related to this repo, it would be detected when scanning "./cordova-js-src".
- uses: github/codeql-action/init@v3
with:
languages: javascript
queries: security-and-quality
config: |
paths-ignore:
- coverage
- node_modules
- bin/templates/platform_www/cordova.js
- name: npm install and test
run: npm cit
env:
CI: true
- uses: github/codeql-action/analyze@v3
- uses: codecov/codecov-action@v4
if: success()
with:
name: ${{ runner.os }} node.js ${{ matrix.node-version }}
token: ${{ secrets.CORDOVA_CODECOV_TOKEN }}
fail_ci_if_error: false