Skip to content

Security audit

Security audit #142

Workflow file for this run

name: Security audit
on:
schedule:
# Runs at 00:00 UTC everyday
- cron: '0 0 * * *'
pull_request:
paths:
- 'deps/**'
- '.github/workflows/audit.yml'
- package.json
- lib/**
- src/**
jobs:
rust-audit:
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1
with:
manifest-path: "deps/swc/bindings/binding_typescript_wasm/Cargo.toml"
typescript-audit:
runs-on: ubuntu-22.04
permissions:
security-events: write
packages: read
actions: read
contents: read
strategy:
matrix:
include:
- language: javascript-typescript
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Initialize CodeQL
uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
with:
category: "/language:${{matrix.language}}"