Add CodeQL security scanning workflow
This commit is contained in:
lockbitchat
34
.github/workflows/codeql-analysis.yml
vendored
Normal file
34
.github/workflows/codeql-analysis.yml
vendored
Normal file
@@ -0,0 +1,34 @@
|
||||
name: "CodeQL Analysis"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "main" ]
|
||||
pull_request:
|
||||
branches: [ "main" ]
|
||||
schedule:
|
||||
- cron: '0 3 * * *'
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze CodeQL
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v2
|
||||
with:
|
||||
languages:
|
||||
- javascript
|
||||
- typescript
|
||||
|
||||
# 3. Автоматическая сборка (если есть)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v2
|
||||
|
||||
# 4. Анализ кода с помощью CodeQL
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v2
|
||||
Reference in New Issue
Block a user