diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index c383eab..b187c5a 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -33,7 +33,8 @@ "ms-azuretools.vscode-docker", "github.vscode-github-actions", "GitHub.copilot", - "GitHub.copilot-chat" + "GitHub.copilot-chat", + "GitHub.vscode-codeql" ] } } diff --git a/.devcontainer/post-create.sh b/.devcontainer/post-create.sh index 6f41770..255b504 100644 --- a/.devcontainer/post-create.sh +++ b/.devcontainer/post-create.sh @@ -1,8 +1,8 @@ #! /bin/bash # stuff to do on container before using it -sudo apt update -y -sudo apt upgrade -y +# sudo apt update -y +# sudo apt upgrade -y # sudo apt install awscli -y -# sudo apt install nodejs -y -# npm install -g npm@9.1.1 +sudo apt install nodejs -y +npm install -g npm@9.1.1 # npm install -g aws-cdk diff --git a/.github/workflows/code-ql-workflow.yml b/.github/workflows/code-ql-workflow.yml new file mode 100644 index 0000000..107a5c3 --- /dev/null +++ b/.github/workflows/code-ql-workflow.yml @@ -0,0 +1,23 @@ +name: CodeQL Analysis + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + + - name: Build and analyze + uses: github/codeql-action/analyze@v3 \ No newline at end of file diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 278c280..981b996 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -1,5 +1,13 @@ name: 'Dependency Review Action' -on: [pull_request] + +on: + push: + branches: + - main + pull_request: + branches: + - main + permissions: contents: read jobs: diff --git a/src/badcode.ts b/src/badcode.ts new file mode 100644 index 0000000..e69de29