OpenTTD-patches/.github/workflows/codeql.yml
Patric Stout 7634553d22 Feature: opt-in survey when exiting a game
On first start-up, the game will ask if you want to participate
in our automated survey. You have to opt-in, and can easily opt-out
(via the Options) at any time.

When opt-in, whenever you exit a game, a JSON blob will be send
to the survey server hosted by OpenTTD. This JSON blob contains
information that gives a global picture of the game just played:
- What settings were used
- How many humans vs AIs
- How long the game has been played
- Basic information about the OS / CPU

All this information is kept very generic, so there is no
chance we send private information to our survey server.
Nothing in the JSON blob could identify you as a person; it
mostly tells about the game played. At any time you can see
what the JSON blob includes, by pressing the "Preview Survey
Results" button in-game.
2023-05-14 23:22:02 +02:00

87 lines
2.0 KiB
YAML

name: CodeQL
on:
push:
branches:
- master
pull_request:
# The branches below must be a subset of the branches above
branches:
- master
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install dependencies
run: |
echo "::group::Update apt"
sudo apt-get update
echo "::endgroup::"
echo "::group::Install dependencies"
sudo apt-get install -y --no-install-recommends \
liballegro4-dev \
libcurl4-openssl-dev \
libfontconfig-dev \
libharfbuzz-dev \
libicu-dev \
liblzma-dev \
liblzo2-dev \
libsdl2-dev \
nlohmann-json3-dev \
zlib1g-dev \
# EOF
echo "::endgroup::"
env:
DEBIAN_FRONTEND: noninteractive
- name: Set number of make jobs
run: |
echo "MAKEFLAGS=-j$(nproc)" >> $GITHUB_ENV
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: cpp
config-file: ./.github/codeql/codeql-config.yml
- name: Autobuild
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: /language:cpp
upload: False
output: sarif-results
- name: Filter out table & generated code
uses: advanced-security/filter-sarif@v1
with:
patterns: |
+**/*.*
-**/table/*.*
-**/generated/**/*.*
-**/tests/*.*
input: sarif-results/cpp.sarif
output: sarif-results/cpp.sarif
- name: Upload results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: sarif-results/cpp.sarif