Skip to content

Security scan

Security scan #1505

Workflow file for this run

name: "Security scan"
on:
push:
branches: [master]
schedule:
- cron: '0 7 * * *'
workflow_dispatch:
jobs:
code-security:
name: Code security scan
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
language: ['javascript']
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
dependency-security:
name: Dependency security scan
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@v2
- uses: actions/[email protected]
name: Install node
with:
node-version: '12.x'
- name: Build dependencies
run: npm ci --only=production
- name: Validate security of dependencies
run: npx audit-ci --high -a 1550 -a 1500 -a 786