From 7e6156b956b99eb62ef6a4b9e35d4f3a5db3b3a4 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Thu, 11 Nov 2021 20:14:41 +0100 Subject: [PATCH] ci: setup njsscan See: https://github.com/ajinabraham/njsscan-action Signed-off-by: David Mehren --- .github/workflows/njsscan-analysis.yml | 31 ++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/njsscan-analysis.yml diff --git a/.github/workflows/njsscan-analysis.yml b/.github/workflows/njsscan-analysis.yml new file mode 100644 index 000000000..b9082622c --- /dev/null +++ b/.github/workflows/njsscan-analysis.yml @@ -0,0 +1,31 @@ +# SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) +# +# SPDX-License-Identifier: AGPL-3.0-only + +name: "Njsscan Analysis" + +on: + push: + branches: [ develop ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ develop ] + schedule: + - cron: '0 7 * * 6' + +jobs: + njsscan: + runs-on: ubuntu-latest + name: Njsscan code scanning + steps: + - name: Checkout the code + uses: actions/checkout@v2 + - name: Scan with njsscan + id: njsscan + uses: ajinabraham/njsscan-action@master + with: + args: '--sarif --output results.sarif src || true' + - name: Upload njsscan report + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: results.sarif