fix(adapter-vite): rewrite npm: specifiers from JSR source to bare sp… #40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CodeQL Security Analysis | |
| # | |
| # Analyzes LessJS TypeScript source code for security vulnerabilities | |
| # and code quality issues using GitHub's CodeQL engine. | |
| # | |
| # For Deno/TypeScript projects, CodeQL's JS/TS extractor can analyze | |
| # source files directly without a build step. | |
| name: CodeQL | |
| on: | |
| push: | |
| branches: [main, dev] | |
| pull_request: | |
| branches: [main, dev] | |
| schedule: | |
| # Weekly scan on Sunday at 08:00 UTC | |
| - cron: '0 8 * * 0' | |
| workflow_dispatch: | |
| jobs: | |
| analyze: | |
| name: Analyze TypeScript | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| language: ['javascript-typescript'] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| # Deno project — no build step needed for TS source analysis | |
| # CodeQL JS/TS extractor works on raw source files | |
| queries: security-extended,security-and-quality | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: '/language:${{matrix.language}}' |