mirror of
https://github.com/nuxt/nuxt.git
synced 2025-01-18 17:35:57 +00:00
ci: analyse github actions with codeql (#30293)
This commit is contained in:
Daniel Roe
parent
f67fc574b9
commit
64871750f4
10
.github/codeql/codeql-config.yml
vendored
10
.github/codeql/codeql-config.yml
vendored
@ -1,10 +0,0 @@
|
||||
paths:
|
||||
- 'packages/*/dist/**'
|
||||
- 'packages/nuxt/bin/**'
|
||||
- 'packages/schema/schema/**'
|
||||
paths-ignore:
|
||||
- 'test/**'
|
||||
- '**/*.test.js'
|
||||
- '**/*.test.ts'
|
||||
- '**/*.test.tsx'
|
||||
- '**/__tests__/**'
|
||||
8
.github/workflows/ci.yml
vendored
8
.github/workflows/ci.yml
vendored
@ -69,6 +69,9 @@ jobs:
|
||||
codeql:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 10
|
||||
strategy:
|
||||
matrix:
|
||||
language: ['javascript-typescript', 'actions']
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
@ -90,13 +93,12 @@ jobs:
|
||||
- '**/*.spec.ts'
|
||||
- '**/*.test.ts'
|
||||
- '**/__snapshots__/**'
|
||||
languages: javascript-typescript
|
||||
queries: +security-and-quality
|
||||
languages: ${{ matrix.language }}
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
|
||||
with:
|
||||
category: "/language:javascript-typescript"
|
||||
category: "/language:${{ matrix.language }}"
|
||||
|
||||
typecheck:
|
||||
runs-on: ${{ matrix.os }}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user