GeWuYou
|
14e1d984e6
|
chore(workflow): 移除跳过标记检查并调整代码扫描定时任务
- 移除了 GitHub 工作流中的跳过关键字检查步骤
- 将代码扫描定时任务从每周二凌晨4点41分改为每天凌晨2点执行
- 简化了工作流配置逻辑,移除了条件判断相关的代码块
|
2026-02-01 22:11:32 +08:00 |
|
dependabot[bot]
|
47b9007793
|
chore(deps): bump actions/checkout from 4 to 6
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-01-29 13:02:07 +08:00 |
|
dependabot[bot]
|
d7a5a3fde4
|
chore(deps): bump actions/setup-dotnet from 4 to 5
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4 to 5.
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](https://github.com/actions/setup-dotnet/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/setup-dotnet
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-01-29 12:57:08 +08:00 |
|
GeWuYou
|
2f443087a4
|
ci(workflow): 添加 CodeQL 静态代码分析工作流
- 配置 GitHub Actions 工作流用于 C# 项目安全漏洞分析
- 设置在 main 分支推送和拉取请求时触发扫描
- 添加每周二凌晨 4 点 41 分的定时安全扫描
- 配置 .NET 8.0.x、9.0.x 和 10.0.x 版本环境支持
- 初始化 CodeQL 分析环境并启用 C# 语言支持
- 设置自动构建模式并执行静态代码分析
- 配置安全事件写入权限以生成分析报告
|
2026-01-29 12:05:40 +08:00 |
|