Code scanning default setup will now also analyze the repository's default branch following a pre-configured schedule (like GitHub Actions' on: schedule trigger).
Intended Outcome
Analyzing the default branch on a schedule ensures that a repository's code is scanned and protected even when it is not actively contributed to. This means that repositories will automatically benefit from updates to the CodeQL analysis, even when there are no code changes. This brings the CodeQL default setup configuration in line with the CodeQL starter workflow.
How will it work?
Code scanning default setup sets up CodeQL on a repository without committing a workflow file. It now also analyzes the default branch on a weekly schedule.
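Because default setup commits no workflow file, the scheduled run can only be confirmed from the analyses recorded for the default branch. The following is an added example, not GitHub's own code: it classifies a repository's latest CodeQL analysis on the default branch as fresh, stale or missing. The sample records are constructed and use the ref, created_at and tool.name fields of the code scanning analyses REST API response; the branch name main and the 8-day threshold (one week plus a day of slack) are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample, shaped like entries returned by the REST endpoint that
# lists code scanning analyses for a repository (only the fields used here).
SAMPLE_ANALYSES = [
    {"ref": "refs/heads/main", "created_at": "2024-03-04T05:31:10Z",
     "tool": {"name": "CodeQL"}},
    {"ref": "refs/pull/17/merge", "created_at": "2024-03-20T11:02:44Z",
     "tool": {"name": "CodeQL"}},
    {"ref": "refs/heads/main", "created_at": "2024-03-18T05:30:58Z",
     "tool": {"name": "CodeQL"}},
    {"ref": "refs/heads/main", "created_at": "2024-03-21T09:00:00Z",
     "tool": {"name": "OtherScanner"}},
]


def parse_ts(value):
    """Parse the API's UTC timestamp format into an aware datetime."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def latest_default_branch_scan(analyses, default_ref="refs/heads/main", tool="CodeQL"):
    """Return the newest analysis time for the given tool on the default branch.

    Pull request refs and other tools are ignored, so recent PR activity or a
    third-party scanner cannot mask a scheduled CodeQL scan that stopped running.
    """
    times = [
        parse_ts(a["created_at"])
        for a in analyses
        if a.get("ref") == default_ref and a.get("tool", {}).get("name") == tool
    ]
    return max(times) if times else None


def scan_status(analyses, now, default_ref="refs/heads/main",
                max_age=timedelta(days=8)):  # assumed threshold: weekly + 1 day
    """Classify default-branch coverage as 'fresh', 'stale' or 'missing'."""
    latest = latest_default_branch_scan(analyses, default_ref)
    if latest is None:
        return "missing"
    return "stale" if now - latest > max_age else "fresh"


if __name__ == "__main__":
    now = datetime(2024, 3, 22, tzinfo=timezone.utc)
    print(scan_status(SAMPLE_ANALYSES, now))
```
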