Archived
1
0

chore: clean up names in security.yaml

This commit is contained in:
Joe Previte 2022-09-19 13:11:46 -07:00
parent 6f7133b149
commit 08a7fdf93f
No known key found for this signature in database
GPG Key ID: 2C91590C6B742C24

View File

@ -1,4 +1,4 @@
name: "Security Scanning" name: Security
on: on:
push: push:
@ -19,7 +19,7 @@ concurrency:
jobs: jobs:
audit-ci: audit-ci:
name: Run audit-ci name: Audit node modules
runs-on: ubuntu-latest runs-on: ubuntu-latest
timeout-minutes: 15 timeout-minutes: 15
steps: steps:
@ -51,6 +51,7 @@ jobs:
if: success() if: success()
trivy-scan-repo: trivy-scan-repo:
name: Scan repo with Trivy
permissions: permissions:
contents: read # for actions/checkout to fetch code contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
@ -82,7 +83,7 @@ jobs:
actions: read # for github/codeql-action/init to get workflow details actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report security-events: write # for github/codeql-action/autobuild to send a status report
name: Analyze name: Analyze with CodeQL
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps: