Skip to content
CodeQL

feat(creation): Add server-side priority consistency validation (#253… #73

Sign in to view logs

feat(creation): Add server-side priority consistency validation (#253…

feat(creation): Add server-side priority consistency validation (#253… #73

Workflow file for this run

.github/workflows/codeql.yml at c661365
# CodeQL security analysis for Shadow Master
# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
name: CodeQL
on:
push:
branches: [main]
paths-ignore:
- "**/*.md"
- "docs/**"
- ".github/dependabot.yml"
pull_request:
branches: [main]
paths-ignore:
- "**/*.md"
- "docs/**"
- ".github/dependabot.yml"
schedule:
# Run weekly on Sunday at midnight to catch new vulnerabilities
- cron: "0 0 * * 0"
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
security-events: write
packages: read
actions: read
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: javascript-typescript
# Use extended queries for broader security coverage
queries: security-extended
# Exclude test files, data, and build artifacts
config: |
paths-ignore:
- __tests__
- e2e
- data
- scripts
- "**/*.test.ts"
- "**/*.test.tsx"
- "**/*.spec.ts"
- "**/*.spec.tsx"
- name: Autobuild
uses: github/codeql-action/autobuild@v4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:javascript-typescript"