Skip to content

Security audit

Security audit #220

Workflow file for this run

name: Security audit
on:
schedule:
# Runs at 00:00 UTC everyday
- cron: '0 0 * * *'
pull_request:
paths:
- 'deps/**'
- '.github/workflows/audit.yml'
- package.json
- lib/**
- src/**
jobs:
rust-audit:
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1
with:
manifest-path: "deps/swc/bindings/binding_typescript_wasm/Cargo.toml"
typescript-audit:
runs-on: ubuntu-22.04
permissions:
security-events: write
packages: read
actions: read
contents: read
strategy:
matrix:
include:
- language: javascript-typescript
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Initialize CodeQL
uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
with:
category: "/language:${{matrix.language}}"