mirror of
https://github.com/DIYgod/RSSHub.git
synced 2025-12-20 08:43:31 +08:00
19d78c9d30
Some checks are pending
CodeQL / Analyze (javascript-typescript) (push) Waiting to run
Docker Release / check-env (push) Waiting to run
Docker Release / release (push) Blocked by required conditions
Docker Release / description (push) Blocked by required conditions
Format / Auto format (push) Waiting to run
Linter / Lint (push) Waiting to run
Linter / Validate PR title (push) Waiting to run
Linter / Pull Request Labeler (push) Waiting to run
npm Publish / npm publish (push) Waiting to run
Semgrep / Scan (push) Waiting to run
Test / fix-pnpm-lock (push) Waiting to run
Test / Vitest on Node ${{ matrix.node-version }} (20) (push) Waiting to run
Test / Vitest on Node ${{ matrix.node-version }} (22) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency: environment:{ "PUPPETEER_SKIP_DOWNLOAD": "0" } name:bundled Chromium], 20) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency: environment:{ "PUPPETEER_SKIP_DOWNLOAD": "0" } name:bundled Chromium], 22) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency:chromium-browser environment:{ "PUPPETEER_SKIP_DOWNLOAD": "1" } name:Chromium from Ubuntu], 20) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency:chromium-browser environment:{ "PUPPETEER_SKIP_DOWNLOAD": "1" } name:Chromium from Ubuntu], 22) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency:google-chrome-stable environment:{ "PUPPETEER_SKIP_DOWNLOAD": "1" } name:Chrome from Google], 20) (push) Waiting to run
Test / Vitest puppeteer on Node ${{ matrix.node-version }} with ${{ matrix.chromium.name }} (map[dependency:google-chrome-stable environment:{ "PUPPETEER_SKIP_DOWNLOAD": "1" } name:Chrome from Google], 22) (push) Waiting to run
Test / Build radar and maintainer on Node ${{ matrix.node-version }} (20) (push) Waiting to run
Test / Build radar and maintainer on Node ${{ matrix.node-version }} (22) (push) Waiting to run
Test / automerge (push) Blocked by required conditions
34 lines
881 B
YAML
34 lines
881 B
YAML
name: Semgrep
|
|
|
|
# https://semgrep.dev/docs/semgrep-ci/sample-ci-configs/#sample-github-actions-configuration-file
|
|
on:
|
|
pull_request_target:
|
|
branches:
|
|
- master
|
|
push:
|
|
branches:
|
|
- master
|
|
schedule:
|
|
# random HH:MM to avoid a load spike on GitHub Actions at 00:00
|
|
- cron: 21 20 * * *
|
|
|
|
jobs:
|
|
semgrep:
|
|
name: Scan
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: returntocorp/semgrep
|
|
if: (github.triggering_actor != 'dependabot[bot]')
|
|
permissions:
|
|
security-events: write
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- run: semgrep ci --sarif > semgrep.sarif
|
|
env:
|
|
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
|
|
- name: Upload SARIF file for GitHub Advanced Security Dashboard
|
|
uses: github/codeql-action/upload-sarif@v3
|
|
with:
|
|
sarif_file: semgrep.sarif
|
|
if: always()
|