.github/actions/perform-codeql-analysis/action.yaml - third_party/github/project-chip/connectedhomeip - Git at Google

 name: Run CodeQL Analysis
 description: Run and upload CodeQL Analysis
 inputs:
   language:
     description: "language for codeql analysis"
     required: true
 runs:
   using: "composite"
   steps:
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v3
       with:
         category: "/language:${{ inputs.language }}"
         upload: False
         output: sarif-results
     - name: filter-sarif
       uses: advanced-security/filter-sarif@v1
       with:
         # We also disable checks that are not too important and that result in many hundreds of alerts with generated code, such as the check "Empty branch of conditional"
         patterns: |
           -**/third_party/**
           -**/scripts/**
           -**/tests/**
           -**/*.cpp:cpp/trivial-switch
           -**/*.cpp:cpp/empty-block
         input: "sarif-results/${{ inputs.language }}.sarif"
         output: "sarif-results/${{ inputs.language }}.sarif"

     - name: Upload SARIF
       uses: github/codeql-action/upload-sarif@v3
       with:
         sarif_file: "sarif-results/${{ inputs.language }}.sarif"
     - name: Upload loc as a Build Artifact
       uses: actions/upload-artifact@v4
       with:
         name: sarif-results
         path: sarif-results
         retention-days: 1
	name: Run CodeQL Analysis
	description: Run and upload CodeQL Analysis
	inputs:
	language:
	description: "language for codeql analysis"
	required: true
	runs:
	using: "composite"
	steps:
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3
	with:
	category: "/language:${{ inputs.language }}"
	upload: False
	output: sarif-results
	- name: filter-sarif
	uses: advanced-security/filter-sarif@v1
	with:
	# We also disable checks that are not too important and that result in many hundreds of alerts with generated code, such as the check "Empty branch of conditional"
	patterns: \|
	-/third_party/
	-/scripts/
	-/tests/
	-*/.cpp:cpp/trivial-switch
	-*/.cpp:cpp/empty-block
	input: "sarif-results/${{ inputs.language }}.sarif"
	output: "sarif-results/${{ inputs.language }}.sarif"

	- name: Upload SARIF
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: "sarif-results/${{ inputs.language }}.sarif"
	- name: Upload loc as a Build Artifact
	uses: actions/upload-artifact@v4
	with:
	name: sarif-results
	path: sarif-results
	retention-days: 1