Skip to content
This repository has been archived by the owner on Dec 17, 2024. It is now read-only.

Commit

Permalink
Merge pull request #596 from alphagov/add-sca-sast-scans
Browse files Browse the repository at this point in the history 
Add CodeQL (SAST) scan and Dependency Review (SCA) scan to CI pipeline
  • Loading branch information
@MuriloDalRi
MuriloDalRi authored Nov 24, 2023
2 parents b060b5e + 3088b89 commit 25d9a0f
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ on:
workflow_dispatch:

jobs:
codeql-sast:
name: CodeQL SAST scan
uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
permissions:
security-events: write

dependency-review:
name: Dependency Review scan
uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main

security-analysis:
name: Security Analysis
uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main
Expand Down

0 comments on commit 25d9a0f

Please sign in to comment.