From 0885688b09776feff13ff25c26e73554e1152a29 Mon Sep 17 00:00:00 2001 From: Karen Xu Date: Tue, 25 May 2021 07:16:45 -0400 Subject: [PATCH] Add CodeQL Security Scan (#75) --- api/.github/workflows/codeql-analysis.yml | 34 +++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 api/.github/workflows/codeql-analysis.yml diff --git a/api/.github/workflows/codeql-analysis.yml b/api/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000000..c9efc6332b --- /dev/null +++ b/api/.github/workflows/codeql-analysis.yml @@ -0,0 +1,34 @@ +name: "CodeQL" + +on: + workflow_dispatch: + schedule: + # ┌───────────── minute (0 - 59) + # │ ┌───────────── hour (0 - 23) + # │ │ ┌───────────── day of the month (1 - 31) + # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) + # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) + # │ │ │ │ │ + # │ │ │ │ │ + # │ │ │ │ │ + # * * * * * + - cron: '30 1 * * *' + +jobs: + CodeQL-Build: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: javascript + + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1