diff options
author | Christian Oliff <christianoliff@pm.me> | 2022-09-12 04:05:56 +0300 |
---|---|---|
committer | Christian Oliff <christianoliff@pm.me> | 2022-10-07 12:41:02 +0300 |
commit | ed30cabf96a12387e1a42c27ec3df0f70eb0e63f (patch) | |
tree | 63300249c428ad6d29f9b929d0d0588d0f380b62 | |
parent | 3f2e26f77fe2432192627a41ad7302a4a0cfc96f (diff) |
Create codeql-analysis.ymlcodeql-analysis-1
Adds GitHub's CodeQL Analysis to find any potential security issues in the codebase.
https://github.com/github/codeql-action#codeql-action
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..f50343010 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,28 @@ +name: "CodeQL" + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: 'javascript' + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 |