envs
This commit is contained in:
Andrey Kondratev
7
.github/workflows/security.yml
vendored
7
.github/workflows/security.yml
vendored
@@ -34,13 +34,7 @@ jobs:
|
||||
- name: Run yarn audit
|
||||
run: yarn audit --level high
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
with:
|
||||
languages: javascript
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
|
||||
docker-security:
|
||||
name: Docker Security Scan
|
||||
@@ -59,4 +53,3 @@ jobs:
|
||||
image-ref: 'quixotic:scan'
|
||||
format: 'sarif'
|
||||
output: 'trivy-results.sarif'
|
||||
|
||||
|
||||
Reference in New Issue
Block a user