From 57fb5f14038c6bef804f7b21d25055230508a8f6 Mon Sep 17 00:00:00 2001 From: gaspardmoindrot Date: Wed, 24 May 2023 22:35:45 +0000 Subject: [PATCH] =?UTF-8?q?[CLDSRV-388]=20=E2=9C=A8=20Implement=20GHAS?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/codeql.yaml | 25 ++++++++++++++++++++++++ .github/workflows/dependency-review.yaml | 16 +++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 .github/workflows/codeql.yaml create mode 100644 .github/workflows/dependency-review.yaml diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 0000000000..9a2fc7d704 --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,25 @@ +--- +name: codeQL + +on: + push: + branches: [development/*, stabilization/*, hotfix/*] + pull_request: + branches: [development/*, stabilization/*, hotfix/*] + workflow_dispatch: + +jobs: + analyze: + name: Static analysis with CodeQL + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: javascript, python, ruby + + - name: Build and analyze + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml new file mode 100644 index 0000000000..4716cdfd1f --- /dev/null +++ b/.github/workflows/dependency-review.yaml @@ -0,0 +1,16 @@ +--- +name: dependency review + +on: + pull_request: + branches: [development/*, stabilization/*, hotfix/*] + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: 'Checkout Repository' + uses: actions/checkout@v3 + + - name: 'Dependency Review' + uses: actions/dependency-review-action@v3