ecshop/ECShopX
1
0
Fork 0
mirror of https://gitee.com/ShopeX/ECShopX synced 2026-05-15 02:35:40 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
ECShopX/tdd-guard/.github/workflows/security.yml
Kris f439bfffe8 4.4.0
2026-03-27 18:01:17 +08:00

68 lines
1.5 KiB
YAML
Raw Permalink Blame History

name: Security
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
# Run security scans every Monday at 09:00 UTC
- cron: '0 9 * * 1'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
codeql:
name: CodeQL Analysis
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: typescript
queries: security-extended
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
npm-audit:
name: NPM Audit
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 22
cache: npm
- name: Install dependencies
run: npm ci
- name: Run npm audit
run: npm audit --audit-level=moderate
all-security-checks-pass:
name: All Security Checks Pass
runs-on: ubuntu-latest
needs: [codeql, npm-audit]
steps:
- name: All security checks passed
run: echo "All security checks passed successfully!"
Reference in New Issue View Git Blame Copy Permalink