blackroad-os/context-bridge
9
0
Fork 0
mirror of https://github.com/blackboxprogramming/context-bridge.git synced 2026-03-16 23:57:16 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
f336a3ca53533015151a5c1d962e5519e2fb0e2d
context-bridge/.github/workflows/security-scan.yml
Your Name f336a3ca53 ci: add GitHub Actions CI/CD workflows 
 Phase 6: GitHub CI/CD Automation

Added workflows:
- Security scanning (CodeQL + dependency scan)
- Auto-deployment (Cloudflare Pages)
- Self-healing (health checks + auto-rollback)
- Dependabot (automated dependency updates)

Deployed by: Phase 6 automation
2026-02-14 17:00:18 -06:00

56 lines
1.2 KiB
YAML
Raw Blame History

name: 🔒 Security Scan
on:
push:
branches: [main, master, dev]
pull_request:
branches: [main, master]
schedule:
- cron: '0 0 * * 0'
workflow_dispatch:
permissions:
contents: read
security-events: write
actions: read
jobs:
codeql:
name: CodeQL Analysis
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
language: ['javascript', 'typescript', 'python']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
dependency-scan:
name: Dependency Scan
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run npm audit
if: hashFiles('package.json') != ''
run: npm audit --audit-level=moderate || true
- name: Dependency Review
uses: actions/dependency-review-action@v4
if: github.event_name == 'pull_request'
Reference in New Issue View Git Blame Copy Permalink