ci: scan source files with codeql (#28943)

This commit is contained in:
Daniel Roe 2024-09-11 12:50:34 +01:00
parent 4fd24381c2
commit 757906e884
No known key found for this signature in database
GPG Key ID: 3714AB03996F442B


@ -70,8 +70,6 @@ jobs:
actions: read actions: read
contents: read contents: read
security-events: write security-events: write
needs:
- build
steps: steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
@ -81,15 +79,12 @@ jobs:
node-version: 20 node-version: 20
cache: "pnpm" cache: "pnpm"
- name: Install dependencies
run: pnpm install
- name: Initialize CodeQL - name: Initialize CodeQL
uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with: with:
config: | config: |
paths: paths:
- 'packages/*/dist/**' - 'packages/*/src/**'
- 'packages/nuxt/bin/**' - 'packages/nuxt/bin/**'
- 'packages/schema/schema/**' - 'packages/schema/schema/**'
paths-ignore: paths-ignore:
@ -97,19 +92,13 @@ jobs:
- '**/*.spec.ts' - '**/*.spec.ts'
- '**/*.test.ts' - '**/*.test.ts'
- '**/__snapshots__/**' - '**/__snapshots__/**'
languages: javascript languages: javascript-typescript
queries: +security-and-quality queries: +security-and-quality
- name: Restore dist cache
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: dist
path: packages
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with: with:
category: "/language:javascript" category: "/language:javascript-typescript"
typecheck: typecheck:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}