scan.yml

 1---
 2name: scan
 3
 4on:
 5  push:
 6    branches: [master]
 7  pull_request:
 8    branches: [master]
 9  schedule:
10    - cron: '0 12 * * 6'
11
12permissions:
13  security-events: write
14
15jobs:
16  codeql:
17    runs-on: ubuntu-latest
18    steps:
19      - name: Checkout repository
20        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
21        with:
22          fetch-depth: 2
23
24      - name: Initialize CodeQL
25        uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
26        with:
27          languages: go, javascript
28
29      - name: Autobuild
30        uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
31
32      - name: Perform CodeQL Analysis
33        uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16