{"id":13809729,"url":"https://github.com/advanced-security/set-codeql-language-matrix","last_synced_at":"2025-04-28T17:30:49.340Z","repository":{"id":65158752,"uuid":"565945924","full_name":"advanced-security/set-codeql-language-matrix","owner":"advanced-security","description":"Automatically set the CodeQL matrix job using the languages in your repository.","archived":false,"fork":false,"pushed_at":"2024-10-17T19:05:56.000Z","size":25,"stargazers_count":14,"open_issues_count":1,"forks_count":7,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-23T23:41:29.663Z","etag":null,"topics":["codeql"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/advanced-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null}},"created_at":"2022-11-14T16:50:04.000Z","updated_at":"2025-03-14T12:54:57.000Z","dependencies_parsed_at":"2024-01-13T14:43:15.164Z","dependency_job_id":"0ebbe947-016c-4571-8fc2-9ff9ca1dd42a","html_url":"https://github.com/advanced-security/set-codeql-language-matrix","commit_stats":{"total_commits":16,"total_committers":1,"mean_commits":16.0,"dds":0.0,"last_synced_commit":"2b7d3da61937e117d4fa02734c28a119115f8888"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fset-codeql-language-matrix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fset-codeql-language-matrix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fset-codeql-language-matrix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fset-codeql-language-matrix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/advanced-security","download_url":"https://codeload.github.com/advanced-security/set-codeql-language-matrix/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251355246,"owners_count":21576321,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["codeql"],"created_at":"2024-08-04T02:00:35.117Z","updated_at":"2025-04-28T17:30:49.107Z","avatar_url":"https://github.com/advanced-security.png","language":"Python","readme":"# Set CodeQL Language Matrix\n\nThis action reads the languages API for your repository and sets the CodeQL supported languages as the job matrix for your Actions run.\n\n## Background \n\nThe default Actions workflow for CodeQL auto-populates the job matrix with your repo's supported CodeQL languages.  However, as new code is added to a repository, that language matrix is not updated.  You need to manually add those languages to the matrix definition to have CodeQL scan them.  \n\nThis action reads the repository languages API and adds all supported languages to the job matrix.  No additional configuration is required.\n\nLearn more about the supported CodeQL languages [here](https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed)\n\n## How to use this action\n\nCall this action before defining the CodeQL analyze job strategy, then set the matrix to the output from the action: `${{ fromJSON(needs.create-matrix.outputs.matrix) }}`\n\n**Example**\n``` yaml\nname: \"CodeQL Auto Language\"\n\non:\n  push:\n    branches: [ main ]\n  pull_request:\n    branches: [ main ]\n  schedule:\n    - cron: '17 19 * * 6'\n\njobs:\n  create-matrix:\n    runs-on: ubuntu-latest\n    outputs:\n      matrix: ${{ steps.set-matrix.outputs.languages }}\n    steps:\n      - name: Get languages from repo\n        id: set-matrix\n        uses: advanced-security/set-codeql-language-matrix@v1\n        with:\n          access-token: ${{ secrets.GITHUB_TOKEN }}\n          endpoint: ${{ github.event.repository.languages_url }}\n          \n  analyze:\n    needs: create-matrix\n    if: ${{ needs.create-matrix.outputs.matrix != '[]' }}\n    name: Analyze\n    runs-on: ubuntu-latest\n    permissions:\n      actions: read\n      contents: read\n      security-events: write\n\n    strategy:\n      fail-fast: false\n      matrix: \n        language: ${{ fromJSON(needs.create-matrix.outputs.matrix) }}\n\n    steps:\n    - name: Checkout repository\n      uses: actions/checkout@v3\n\n    # Initializes the CodeQL tools for scanning.\n    - name: Initialize CodeQL\n      uses: github/codeql-action/init@v3\n      with:\n        languages: ${{ matrix.language }}\n \n    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).\n    - name: Autobuild\n      uses: github/codeql-action/autobuild@v3\n\n    - name: Perform CodeQL Analysis\n      uses: github/codeql-action/analyze@v3\n      with:\n        category: \"/language:${{matrix.language}}\"\n```      \n\n### Excluding CodeQL Languages\nIt's possible you may choose to exclude specific languages from your CodeQL scans. In that case, use the `exclude` input.\n\nExample:\n``` yaml\n  create-matrix:\n    runs-on: ubuntu-latest\n    outputs:\n      matrix: ${{ steps.set-matrix.outputs.languages }}\n    steps:\n      - name: Get languages from repo\n        id: set-matrix\n        uses: advanced-security/set-codeql-language-matrix@v1\n        with:\n          access-token: ${{ secrets.GITHUB_TOKEN }}\n          endpoint: ${{ github.event.repository.languages_url }}\n          exclude: 'java, python'\n\n```\n\n### Swift support\nIf you want to include Swift in your CodeQL analysis, you need to ensure that the action runs on a macOS runner. This is because Swift analysis with CodeQL requires a macOS environment. You can achieve this by making the `runs-on` field in your workflow conditional based on the language being analyzed.\n\nExample:\n``` yaml\n  analyze:\n    needs: create-matrix\n    if: ${{ needs.create-matrix.outputs.matrix != '[]' }}\n    name: Analyze\n    runs-on: ${{ matrix.language == 'swift' \u0026\u0026 'macos-latest' || 'ubuntu-latest' }}\n    permissions:\n      actions: read\n      contents: read\n      security-events: write\n```\n\nIf you want to run all languages **other than Swift** on a specific group of runners, you can adjust the `runs-on` line in your workflow as shown in the following example:\n``` yaml\n    runs-on: ${{ matrix.language == 'swift' \u0026\u0026 'macos-latest' || fromJSON('{\"group\":\"runner-group-name\"}') }}\n```\n\n## License \n\nThis project is licensed under the terms of the MIT open source license. Please refer to [MIT](./LICENSE.md) for the full terms.\n\n## Maintainers \n\nTake a look at [CODEOWNERS](./CODEOWNERS.md) to identify the maintainers.  \n\n## Support\n\nGot a question or issue?  Open an issue in this repo and tag any of the folks in [CODEOWNERS](./CODEOWNERS.md).\n","funding_links":[],"categories":["CodeQL Actions Helpers"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fset-codeql-language-matrix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadvanced-security%2Fset-codeql-language-matrix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fset-codeql-language-matrix/lists"}