From 1a2a18f1d59712f12d14d70342ee9022bab3afee Mon Sep 17 00:00:00 2001 From: Falk Rund Date: Wed, 31 Dec 2025 16:36:01 +0100 Subject: [PATCH] Update Codacy analysis workflow for branch support --- .github/workflows/codacy-analysis.yml | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index 8ed48b35..daf30f31 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -10,37 +10,31 @@ name: Codacy Security Scan on: push: - branches: [ main ] + branches: [ "master", "main" ] pull_request: - branches: [ main ] + branches: [ "master", "main" ] jobs: codacy-security-scan: name: Codacy Security Scan runs-on: ubuntu-latest steps: - # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@v6.0.1 + uses: actions/checkout@main - # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI - uses: codacy/codacy-analysis-cli-action@v4.3.0 + uses: codacy/codacy-analysis-cli-action@master with: - # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository - # You can also omit the token and run the tools that support default configurations - project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} - verbose: true output: results.sarif format: sarif # Adjust severity of non-security issues gh-code-scanning-compat: true # Force 0 exit code to allow SARIF file generation - # This will handover control about PR rejection to the GitHub side + # This will hand over control about PR rejection to the GitHub side max-allowed-issues: 2147483647 - + # Upload the SARIF file generated in the previous step - name: Upload SARIF results file - uses: github/codeql-action/upload-sarif@v4.31.9 + uses: github/codeql-action/upload-sarif@main with: sarif_file: results.sarif