-
-
Notifications
You must be signed in to change notification settings - Fork 3
45 lines (38 loc) · 1.24 KB
/
codeql.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
name: CodeQL Analysis
# **What it does**: This runs CodeQL on this repo.
# **Why we have it**: Security scanning.
on:
push:
branches:
- main
pull_request:
branches:
- main
paths:
- "**/*.html"
- "**/*.js"
- "**/*.yml"
types: [opened, ready_for_review, reopened, synchronize]
permissions:
security-events: write
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: "${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}"
cancel-in-progress: true
jobs:
build:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@v4
with:
persist-credentials: false
# Initialises the CodeQL tools for scanning
- name: Initialise CodeQL
uses: github/codeql-action/init@v2
with:
languages: javascript
config-file: ./.github/codeql-config.yml
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v2