Add pull request events to CodeQL action

This will validate pull requests from forks to ensure that changes don't end up impacting you negatively.
2024-11-24 08:52:25 +02:00 · 2020-07-28 21:42:21 -07:00 · 2020-07-28 21:42:21 -07:00 · 43189a7854
commit 43189a7854
parent 2318716a89
1 changed files with 15 additions and 2 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -2,8 +2,12 @@ name: "Code scanning - action"

 on:
  push:
+    branches: [master, ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
  schedule:
-    - cron: '0 0 * * 0'
+    - cron: '0 15 * * 2'
      
 jobs:
  CodeQL-Build:
@ -17,6 +21,15 @@ jobs:
    steps:
    - name: Checkout repository
      uses: actions/checkout@v2
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
+
+    # If this run was triggered by a pull request event, then checkout
+    # the head of the pull request instead of the merge commit.
+    - run: git checkout HEAD^2
+      if: ${{ github.event_name == 'pull_request' }}

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL