Skip to content
Code Scan

Bump @types/node from 16.18.23 to 16.18.46 #90

Sign in to view logs

Bump @types/node from 16.18.23 to 16.18.46

Bump @types/node from 16.18.23 to 16.18.46 #90

Workflow file for this run

.github/workflows/code-scan.yml at b46f830
name: Code Scan
on:
push:
paths-ignore:
- '**.md'
pull_request:
types: [opened, synchronize, reopened]
paths-ignore:
- '**.md'
schedule:
- cron: '42 13 * * 6'
permissions:
actions: read
contents: read
security-events: write
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: javascript
- name: Setup pnpm
uses: pnpm/action-setup@v2
- name: Determine pnpm store location
id: pnpm-store
run: echo "pnpm-store=$(pnpm store path)" >> "$GITHUB_OUTPUT"
- name: Cache pnpm modules
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-store.outputs.pnpm-store }}
key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-
- name: pnpm install
run: pnpm install -r
- name: Build
run: pnpm build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: /language:javascript
- name: Install ESLint
run: pnpm install -w @microsoft/eslint-formatter-sarif
- name: Run ESLint
run: pnpm eslint
--format @microsoft/eslint-formatter-sarif
--output-file eslint-results.sarif
|| true
continue-on-error: true
- name: Upload eslint results to GitHub
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: eslint-results.sarif
- name: Run njsscan scan
uses: ajinabraham/njsscan-action@v7
with:
args: packages/*/lib/*.js
--sarif
--output njsscan-results.sarif
continue-on-error: true
- name: Upload njsscan report to GitHub
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: njsscan-results.sarif