2.11.24 Update StackHawk configuration #208
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Name of the GitHub Actions workflow | |
name: CodeQL Analysis for JavaScript | |
on: | |
# Trigger the workflow on the following events: | |
# Scan changed files in Pull Requests (diff-aware scanning). | |
pull_request: {} | |
# Trigger the workflow on-demand through the GitHub Actions interface. | |
workflow_dispatch: {} | |
# Scan mainline branches (main and development) and report all findings. | |
push: | |
branches: ["development"] | |
# Define the jobs to be executed within the workflow | |
jobs: | |
build: | |
name: Scan JavaScript code with CodeQL | |
runs-on: [ 'ubuntu-latest' ] # Use the latest version of Ubuntu | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ 'javascript' ] | |
# CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ] | |
# Use only 'java-kotlin' to analyze code written in Java, Kotlin or both | |
# Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both | |
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@main | |
# Action to check out the code from the repository | |
# This step fetches the codebase from the GitHub repository | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@main | |
with: | |
languages: javascript | |
# Action to initialize the CodeQL environment | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@main | |
with: | |
# Specify a category to distinguish between multiple analyses | |
# for the same tool and ref. If you don't use `category` in your workflow, | |
# GitHub will generate a default category name for you | |
category: "Scan-JavaScript-code-with-CodeQL" | |