Skip to content

Security audit

Security audit #255

Workflow file for this run

name: Security audit
on:
schedule:
# Runs at 00:00 UTC everyday
- cron: '0 0 * * *'
pull_request:
paths:
- 'deps/**'
- '.github/workflows/audit.yml'
- package.json
- lib/**
- src/**
jobs:
rust-audit:
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: EmbarkStudios/cargo-deny-action@e2f4ede4a4e60ea15ff31bc0647485d80c66cfba # v2.0.4
with:
manifest-path: "deps/swc/bindings/binding_typescript_wasm/Cargo.toml"
typescript-audit:
runs-on: ubuntu-22.04
permissions:
security-events: write
packages: read
actions: read
contents: read
strategy:
matrix:
include:
- language: javascript-typescript
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Initialize CodeQL
uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
with:
category: "/language:${{matrix.language}}"