1+ # This workflow uses actions that are not certified by GitHub.
2+ # They are provided by a third-party and are governed by
3+ # separate terms of service, privacy policy, and support
4+ # documentation.
5+
6+ # This workflow integrates njsscan with GitHub's Code Scanning feature
7+ # nodejsscan is a static security code scanner that finds insecure code patterns in your Node.js applications
8+
9+ name : njsscan sarif
10+
11+ on :
12+ push :
13+ branches : [ "main" ]
14+ pull_request :
15+ # The branches below must be a subset of the branches above
16+ branches : [ "main" ]
17+ schedule :
18+ - cron : ' 18 11 * * 4'
19+
20+ permissions :
21+ contents : read
22+
23+ jobs :
24+ njsscan :
25+ permissions :
26+ contents : read # for actions/checkout to fetch code
27+ security-events : write # for github/codeql-action/upload-sarif to upload SARIF results
28+ actions : read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
29+ runs-on : ubuntu-latest
30+ name : njsscan code scanning
31+ steps :
32+ - name : Checkout the code
33+ uses : actions/checkout@v4
34+ - name : nodejsscan scan
35+ id : njsscan
36+ uses : ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711
37+ with :
38+ args : ' . --sarif --output results.sarif || true'
39+ - name : Upload njsscan report
40+ uses : github/codeql-action/upload-sarif@v3
41+ with :
42+ sarif_file : results.sarif
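Review bot: Action pinning is inconsistent across the steps: the njsscan-action on the `uses:` line of the scan step is pinned to a full commit SHA, while `actions/checkout@v4` and `github/codeql-action/upload-sarif@v3` float on mutable major tags, so those two steps resolve to whatever the tag points at on each run. Pin all three the same way and record the human-readable version next to the SHA so the pin stays reviewable, e.g. `uses: actions/checkout@<full-commit-sha>  # <version tag>`, and add the same trailing `# <version tag>` comment to the existing njsscan SHA, which currently gives a reader no way to tell what release it corresponds to. Separately, the `|| true` in `args` keeps the job green when the scanner exits non-zero on findings, which is presumably intended so results reach the Security tab via the upload step, but it also masks a scan that fails before writing results.sarif, leaving the missing-file error in the upload step as the only signal; a comment on that line, `# '|| true' keeps the job green on findings; results are surfaced through the SARIF upload`, would make that trade-off explicit to the next maintainer.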