mirror of
https://github.com/goreleaser/nfpm
synced 2024-04-19 12:03:54 +02:00
chore(ci): codeql scans and security policy
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
This commit is contained in:
parent
76a5fe0d08
commit
6d484a1bb1
|
@ -0,0 +1,21 @@
|
|||
name: "codeql"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ main ]
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: analyze
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
permissions:
|
||||
security-events: write
|
||||
actions: read
|
||||
contents: read
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: github/codeql-action/init@v1
|
||||
- uses: github/codeql-action/autobuild@v1
|
||||
- uses: github/codeql-action/analyze@v1
|
|
@ -0,0 +1,9 @@
|
|||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
Only the last stable version at any given point.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Vulnerabilies can be disclosed via email to carlos@becker.software
|
Loading…
Reference in New Issue