diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml new file mode 100644 index 0000000..79ec955 --- /dev/null +++ b/.github/workflows/security-scan.yml @@ -0,0 +1,36 @@ +name: Security Scan + +on: + push: + branches: [main, develop] + pull_request: + branches: [main, develop] + schedule: + # 13:44 on Saturdays + - cron: '44 13 * * 6' + workflow_dispatch: + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + language: ['javascript'] + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 197cf4c..cbf45db 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -2,24 +2,27 @@ name: Tests on: push: - branches: [ main, develop ] + branches: [main, develop] pull_request: - branches: [ main, develop ] + branches: [main, develop] schedule: # 00:00 on Saturdays - - cron: '0 0 * * SAT' + - cron: '0 0 * * SAT' workflow_dispatch: jobs: test: + name: Test runs-on: ubuntu-latest strategy: + fail-fast: false matrix: node-version: [10.x, 14.x] steps: - - uses: actions/checkout@v2 + - name: Checkout repository + uses: actions/checkout@v2 with: fetch-depth: '2' @@ -27,8 +30,13 @@ jobs: uses: actions/setup-node@v1 with: node-version: ${{ matrix.node-version }} + - run: npm install - run: npm run lint + - run: npm run lint-demo + - run: npm run build + - run: npm run build-demo + - run: npm run build-types - run: npm run test - name: Upload test coverage report to Codecov