➕ feature bento grid structure + swapy library #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL Analysis" | |
| # runs on every push to the main branch, every pull request, and once a week | |
| on: | |
| push: | |
| branches: ["main", "master", "develop"] | |
| pull_request: | |
| branches: ["main", "master", "develop"] | |
| schedule: | |
| - cron: "0 0 * * 3,0" # Runs every Wednesday & Sunday at midnight UTC | |
| jobs: | |
| analyze: | |
| name: Analyze | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| actions: read | |
| contents: read | |
| packages: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "18" | |
| cache: "npm" | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: javascript | |
| queries: security-extended,security-and-quality | |
| config-file: .github/codeql-config.yml # Path to the CodeQL configuration file | |
| - name: Run ESLint | |
| run: npm run lint -- --max-warnings=0 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: "/language:javascript" | |
| - name: Add PR Comment with Results | |
| if: github.event_name == 'pull_request' | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const fs = require('fs'); | |
| const ref = context.payload.pull_request ? context.payload.pull_request.head.sha : context.sha; | |
| const scanResults = await github.rest.codeScanning.listAlertsForRepo({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| ref: ref | |
| }); | |
| let comment = '🌀 **codeql analysis results**\n\n'; | |
| if (scanResults.data.length === 0) { | |
| comment += '✅ no issues found!\n'; | |
| } else { | |
| comment += '🚨 found the following issues:\n\n'; | |
| scanResults.data.forEach(alert => { | |
| comment += `- [${alert.rule.description}](${alert.html_url}) (${alert.rule.severity})\n`; | |
| }); | |
| } | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: context.issue.number, | |
| body: comment | |
| }); |