ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-08-15 03:10:33 +03:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

🌱 Included codeql check for GitHub Actions (#988)

Browse Source 
Included codeql check for GitHub actions https://github.com/ossf/scorecard/issues/987
This commit is contained in:
Naveen 2021-09-09 18:02:11 -05:00 committed by GitHub
parent 870db56814
commit af24ed4d7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/codeql-analysis.yml vendored
View File

@ -46,10 +46,7 @@ jobs:
strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
# Learn more:
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
language: [ 'go','javascript' ]
steps:
- name: Checkout repository

17
codeql.js Normal file
View File

@ -0,0 +1,17 @@
// Copyright 2021 Security Scorecard Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// This file is required for codeql https://github.com/ossf/scorecard/issues/987
// do not delete this file.
console.log("codeql")