chore(ci): codeql scans and security policy

Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2024-04-19 12:03:54 +02:00 · 2021-12-06 09:59:21 -03:00 · 2021-12-06 09:59:21 -03:00 · 6d484a1bb1
parent 76a5fe0d08
commit 6d484a1bb1
2 changed files with 30 additions and 0 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -0,0 +1,21 @@
+name: "codeql"
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  analyze:
+    name: analyze
+    runs-on: ubuntu-latest
+
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: github/codeql-action/init@v1
+    - uses: github/codeql-action/autobuild@v1
+    - uses: github/codeql-action/analyze@v1
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+Only the last stable version at any given point.
+
+## Reporting a Vulnerability
+
+Vulnerabilies can be disclosed via email to carlos@becker.software