Bump the npm_and_yarn group across 2 directories with 9 updates #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CodeQL Example04 Direct Dockerpull and Scan | |
| on: | |
| # push: | |
| # branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| Container_Example04_DockerBuild_and_Scan: | |
| name: Analyze | |
| runs-on: 'Ubuntu-latest' | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| language: [ 'python' ] | |
| container: | |
| image: jkafaty/codeql-dockerapp-example | |
| options: --user root | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Fix permissions and Install Python3 | |
| run: | | |
| chown root:root -R /github/home/ && \ | |
| chmod 777 -R /github/home/ && \ | |
| chown root:root -R /__w/_actions/github/codeql-action/ && \ | |
| chmod 777 -R /__w/_actions/github/codeql-action/ && \ | |
| apt-get update && apt-get install -y python3 python3-pip | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Autobuild | |
| uses: github/codeql-action/autobuild@v2 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 | |