# ivuorinen/actions/codeql-analysis ## CodeQL Analysis ### Description Run CodeQL security analysis for a single language with configurable query suites ### Inputs | name | description | required | default | |---------------------|---------------------------------------------------------------------------------------------|----------|-----------------------| | `language` |

Language to analyze (javascript, python, actions, java, csharp, cpp, ruby, go, etc.)

| `true` | `""` | | `queries` |

Comma-separated list of additional queries to run

| `false` | `""` | | `packs` |

Comma-separated list of CodeQL query packs to run

| `false` | `""` | | `config-file` |

Path to CodeQL configuration file

| `false` | `""` | | `config` |

Configuration passed as a YAML string

| `false` | `""` | | `build-mode` |

The build mode for compiled languages (none, manual, autobuild)

| `false` | `""` | | `source-root` |

Path of the root source code directory

| `false` | `""` | | `category` |

Analysis category (default: /language:)

| `false` | `""` | | `checkout-ref` |

Git reference to checkout (default: current ref)

| `false` | `""` | | `token` |

GitHub token for API access

| `false` | `${{ github.token }}` | | `working-directory` |

Working directory for the analysis

| `false` | `.` | | `upload-results` |

Upload results to GitHub Security tab

| `false` | `true` | | `ram` |

Amount of memory in MB that can be used by CodeQL

| `false` | `""` | | `threads` |

Number of threads that can be used by CodeQL

| `false` | `""` | | `output` |

Path to save SARIF results

| `false` | `../results` | | `skip-queries` |

Build database but skip running queries

| `false` | `false` | | `add-snippets` |

Add code snippets to SARIF output

| `false` | `false` | ### Outputs | name | description | |---------------------|---------------------------------------| | `language-analyzed` |

Language that was analyzed

| | `analysis-category` |

Category used for the analysis

| | `sarif-file` |

Path to generated SARIF file

| ### Runs This action is a `composite` action. ### Usage ```yaml - uses: ivuorinen/actions/codeql-analysis@main with: language: # Language to analyze (javascript, python, actions, java, csharp, cpp, ruby, go, etc.) # # Required: true # Default: "" queries: # Comma-separated list of additional queries to run # # Required: false # Default: "" packs: # Comma-separated list of CodeQL query packs to run # # Required: false # Default: "" config-file: # Path to CodeQL configuration file # # Required: false # Default: "" config: # Configuration passed as a YAML string # # Required: false # Default: "" build-mode: # The build mode for compiled languages (none, manual, autobuild) # # Required: false # Default: "" source-root: # Path of the root source code directory # # Required: false # Default: "" category: # Analysis category (default: /language:) # # Required: false # Default: "" checkout-ref: # Git reference to checkout (default: current ref) # # Required: false # Default: "" token: # GitHub token for API access # # Required: false # Default: ${{ github.token }} working-directory: # Working directory for the analysis # # Required: false # Default: . upload-results: # Upload results to GitHub Security tab # # Required: false # Default: true ram: # Amount of memory in MB that can be used by CodeQL # # Required: false # Default: "" threads: # Number of threads that can be used by CodeQL # # Required: false # Default: "" output: # Path to save SARIF results # # Required: false # Default: ../results skip-queries: # Build database but skip running queries # # Required: false # Default: false add-snippets: # Add code snippets to SARIF output # # Required: false # Default: false ```