This repository has been archived by the owner on Jul 20, 2024. It is now read-only.

chore(deps): update github/codeql-action digest to 563dcaf #4455

	name: Analysis and Scans
	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main
	schedule:
	- cron: '0 12 * * 3'

	jobs:
	codeql:
	name: CodeQL Analysis
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

	- name: Initialize
	uses: github/codeql-action/init@563dcafdfe28a0bb82e2c272d84924f17b628540 # v2

	- name: Autobuild
	uses: github/codeql-action/autobuild@563dcafdfe28a0bb82e2c272d84924f17b628540 # v2

	- name: Perform analysis and upload results
	uses: github/codeql-action/analyze@563dcafdfe28a0bb82e2c272d84924f17b628540 # v2

	njsscan:
	name: NJS Scan
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

	- name: Perform scan
	uses: ajinabraham/njsscan-action@master
	with:
	args: '. --sarif --output results.sarif \|\| true'

	- name: Upload results
	uses: github/codeql-action/upload-sarif@563dcafdfe28a0bb82e2c272d84924f17b628540 # v2
	with:
	sarif_file: results.sarif

	ossar:
	name: OSSAR Analysis
	runs-on: windows-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

	- name: Perform analysis
	uses: github/ossar-action@v1
	id: analysis

	- name: Upload results
	uses: github/codeql-action/upload-sarif@563dcafdfe28a0bb82e2c272d84924f17b628540 # v2
	with:
	sarif_file: ${{ steps.analysis.outputs.sarifFile }}

Provide feedback