From b1e34e861b5d732afe828d58aad2c638135061fd Mon Sep 17 00:00:00 2001 From: Mehmet Samet Duman Date: Thu, 2 Apr 2026 19:30:47 +0300 Subject: NOISSUE Add GitHub workflows for Project Tick project - Create CodeQL analysis workflow for security checks on meshmc codebase. - Add container build workflow for meshmc using Podman and Buildah. - Implement scheduled flake update workflow for Nix dependencies. - Introduce merge blocking PR automation to manage dependent PRs. - Set up Nix build workflow for meshmc with multi-platform support. - Add release workflow for publishing MeshMC artifacts on GitHub. - Create CI workflow for tomlplusplus library with multi-compiler support. - Implement CI workflow for uvim with various feature sets and architectures. - Add .gitignore to exclude build artifacts and IDE files. - Create .gitattributes files for various submodules to manage line endings and diff settings. - Add post-receive hook for mirroring pushes to multiple forges. - Include .gitignore files for images4docker and other submodules to manage temporary files. Signed-off-by: Mehmet Samet Duman
---
.github/workflows/meshmc-codeql.yml | 59 +++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/meshmc-codeql.yml (limited to '.github/workflows/meshmc-codeql.yml')
diff --git a/.github/workflows/meshmc-codeql.yml b/.github/workflows/meshmc-codeql.yml
new file mode 100644
index 0000000000..6dd764849a
--- /dev/null
+++ b/.github/workflows/meshmc-codeql.yml
@@ -0,0 +1,59 @@
+name: "MeshMC: CodeQL"
+
+concurrency:
+ group: meshmc-codeql-${{ github.ref }}
+ cancel-in-progress: true
+
+on:
+ merge_group:
+ types: [checks_requested]
+ pull_request:
+ paths:
+ - 'meshmc/**'
+ - '.github/workflows/meshmc-codeql.yml'
+ workflow_dispatch:
+
+permissions: {}
+
+jobs:
+ CodeQL:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ security-events: write
+
+ defaults:
+ run:
+ working-directory: meshmc
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v6
+ with:
+ submodules: "true"
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v4
+ with:
+ config-file: ./.github/codeql/codeql-config.yml
+ queries: security-and-quality
+ languages: cpp, java
+
+ - name: Setup dependencies
+ uses: ./.github/actions/meshmc/setup-dependencies
+ with:
+ build-type: Debug
+ qt-version: 6.9.3
+
+ - name: Configure and Build
+ run: |
+ cmake --preset linux -DLauncher_USE_PCH=OFF
+ cmake --build --preset linux --config Debug
+
+ - name: Run tests
+ run: |
+ ctest --preset linux --build-config Debug --extra-verbose --output-on-failure
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v4
-- cgit 0.0.5-2-1-g0f52
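Review bot: The `on:` block has no `push` (or `schedule`) trigger for the default branch, so unless another workflow not visible here covers it, CodeQL only analyses pull-request and merge-queue refs and the default branch is scanned only by a manual `workflow_dispatch`; code scanning then has no base-branch analysis to compare pull-request alerts against. Consider adding `push:` with `branches: [<default-branch>]` and the same `paths:` filter. Separately, the three external steps are referenced by mutable tags (`actions/checkout@v6`, `github/codeql-action/init@v4`, `github/codeql-action/analyze@v4`) in a job that holds `security-events: write`; pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v6`, keeps a moved tag from changing what runs. Because the job goes on to build and test the checked-out code, `persist-credentials: false` under the checkout step's `with:` is also worth adding.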