Add Swift CodeQL analysis for macOS system audio helper#103
Merged
Conversation
CodeQL's Swift autobuild fails on this repo: Swift is a compiled language, and autobuild looks for an Xcode or SwiftPM project, but the only Swift here is the bare macOS system-audio helper that check.sh compiles directly with swiftc. Add a swift matrix entry on macos-latest with build-mode manual, tracing the same swiftc invocation check.sh uses, so the helper actually gets scanned. https://claude.ai/code/session_01Rx5VddzEgBSvjT21fjaWYi
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Extends CodeQL analysis to include the Swift macOS system audio helper by adding a new matrix configuration that runs on macOS with manual build mode, since Swift is a compiled language that requires an actual build step.
Changes
includematrix that specifies OS and build-mode for each language:ubuntu-latestwithbuild-mode: nonemacos-latestwithbuild-mode: manualruns-onfrom hardcodedubuntu-latestto${{ matrix.os }}to support macOS runners${{ matrix.build-mode }}instead of hardcodednoneswiftcwhenmatrix.build-mode == 'manual', linking required frameworks (ScreenCaptureKit, AVFoundation, CoreMedia, CoreGraphics)Implementation Details
The Swift build step mirrors the compilation invocation used in
scripts/check.sh, ensuring CodeQL observes the same build that the project uses. The conditional execution (if: matrix.build-mode == 'manual') keeps the step isolated to Swift analysis runs only.https://claude.ai/code/session_01Rx5VddzEgBSvjT21fjaWYi