Skip to content

Update CodeQL workflow to match the latest template#8533

Merged
FreeTubeBot merged 1 commit intoFreeTubeApp:developmentfrom
absidue:update-codeql
Jan 17, 2026
Merged

Update CodeQL workflow to match the latest template#8533
FreeTubeBot merged 1 commit intoFreeTubeApp:developmentfrom
absidue:update-codeql

Conversation

@absidue
Copy link
Member

@absidue absidue commented Jan 17, 2026

Pull Request Type

  • Other

Description

This pull request updates our CodeQL workflow to match the template the GitHub currently generates when you setup CodeQL scanning from scratch. I got this by messing with the code scanning settings in my fork (would not recommend, was not a fun time) and modified our existing template to match.

Full generated output: 
name: "CodeQL Advanced"

on:
  push:
    branches: [ "development" ]
  pull_request:
    branches: [ "development" ]
  schedule:
    - cron: '18 2 * * 3'

jobs:
  analyze:
    name: Analyze (${{ matrix.language }})
    runs-on: ubuntu-latest
    permissions:
      security-events: write
      actions: read
      contents: read

    strategy:
      fail-fast: false
      matrix:
        include:
        - language: actions
          build-mode: none
        - language: javascript-typescript
          build-mode: none
        # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift'
        # Use `c-cpp` to analyze code written in C, C++ or both
        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Initialize CodeQL
      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
        build-mode: ${{ matrix.build-mode }}

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v4
      with:
        category: "/language:${{matrix.language}}"

Testing

@FreeTubeBot FreeTubeBot enabled auto-merge (squash) January 17, 2026 13:37
@github-actions github-actions bot added the PR: waiting for review For PRs that are complete, tested, and ready for review label Jan 17, 2026
@github-advanced-security

This comment was marked as duplicate.

Sign in to view
@FreeTubeBot FreeTubeBot merged commit 0c34f54 into FreeTubeApp:development Jan 17, 2026
6 checks passed
@github-actions github-actions bot removed the PR: waiting for review For PRs that are complete, tested, and ready for review label Jan 17, 2026
@absidue absidue deleted the update-codeql branch January 17, 2026 17:48
PikachuEXE added a commit to PikachuEXE/FreeTube that referenced this pull request Jan 19, 2026
@PikachuEXE
Merge branch 'development' into fix/local-cross-channel-author-link
d94edf0 
* development: (55 commits)
  Translated using Weblate (Chinese (Simplified Han script))
  Translated using Weblate (Czech)
  Translated using Weblate (Russian)
  Translated using Weblate (Polish)
  Translated using Weblate (Kurdish (Central))
  Translated using Weblate (French)
  Use GITHUB_TOKEN instead of dedicated PUSH_TOKEN in auto-merge workflow (FreeTubeApp#8541)
  Local API: Implement SABR for VODs (FreeTubeApp#8047)
  Bump package version from 0.23.12 to 0.23.13 (FreeTubeApp#8531)
  Update CodeQL workflow to match the latest template (FreeTubeApp#8533)
  fix: video player playback rate (FreeTubeApp#8407)
  Decipher live DASH manifest URL (FreeTubeApp#8530)
  Add a show all windows button to the tray menu (FreeTubeApp#8494)
  Disable automatically running the flatpak workflow (FreeTubeApp#8507)
  fix using shift on watch page (FreeTubeApp#8491)
  Translated using Weblate (Hebrew)
  Translated using Weblate (Hebrew)
  Fix WAPT link in README (FreeTubeApp#8529)
  Fix typo in auto-merge workflow (FreeTubeApp#8518)
  Added translation using Weblate (Uzbek)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PikachuEXE PikachuEXE PikachuEXE approved these changes

@efb4f5ff-1298-471a-8973-3d47447115dc efb4f5ff-1298-471a-8973-3d47447115dc efb4f5ff-1298-471a-8973-3d47447115dc approved these changes

@ChunkyProgrammer ChunkyProgrammer ChunkyProgrammer approved these changes

@kommunarr kommunarr Awaiting requested review from kommunarr

@MarmadileManteater MarmadileManteater Awaiting requested review from MarmadileManteater

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@absidue @PikachuEXE @efb4f5ff-1298-471a-8973-3d47447115dc @ChunkyProgrammer @FreeTubeBot