This repository was archived by the owner on Sep 24, 2024. It is now read-only.
Merge pull request #28 from femdevs/dependabot/npm_and_yarn/npm_and_y… #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security Scanning | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| schedule: | |
| - cron: '0 0 * * *' | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| jobs: | |
| security: | |
| name: Security Scanning | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@master | |
| - name: Setup Node version 20 | |
| uses: actions/setup-node@master | |
| with: | |
| node-version: 20 | |
| - name: Prepare Snyk | |
| uses: snyk/actions/setup@master | |
| - name: Run Code Tests | |
| run: | | |
| npm i | |
| mkdir cli-results | |
| snyk code test --sarif > cli-results/snyk.sarif | |
| npx eslint . --format @microsoft/eslint-formatter-sarif --output-file cli-results/eslint.sarif | |
| continue-on-error: true | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| - name: Upload Results to GitHub | |
| uses: github/codeql-action/upload-sarif@main | |
| with: | |
| sarif_file: cli-results | |
| wait-for-processing: true | |
| - name: Prepare CodeQL | |
| uses: github/codeql-action/init@main | |
| with: | |
| languages: javascript | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@main | |
| with: | |
| category: "/language:javascript" |