actions-toolkit/.github/workflows/codeql.yml
CrazyMax 191def3857
ci: enable SAST scanning with CodeQL
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-10-28 08:31:56 +02:00

42 lines
801 B
YAML

name: codeql
on:
push:
branches:
- 'main'
pull_request:
permissions:
actions: read
contents: read
security-events: write
env:
NODE_VERSION: 20
jobs:
analyze:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
-
name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: javascript-typescript
-
name: Autobuild
uses: github/codeql-action/autobuild@v2
-
name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:javascript-typescript"