Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/npm_and_yarn/npm_and_yarn-9c82107677
Browse files Browse the repository at this point in the history
  • Loading branch information
rekmarks authored Dec 2, 2024
2 parents b5cccd0 + 3c8a463 commit d7ad9e0
Showing 1 changed file with 43 additions and 0 deletions.
43 changes: 43 additions & 0 deletions .github/workflows/security-code-scanner.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
name: 'MetaMask Security Code Scanner'

on:
push:
branches: ['main']
pull_request:
branches: ['main']

jobs:
run-security-scan:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: MetaMask Security Code Scanner
uses: MetaMask/Security-Code-Scanner@main
with:
repo: ${{ github.repository }}
paths_ignored: |
.storybook/
'**/__snapshots__/'
'**/*.snap'
'**/*.stories.js'
'**/*.stories.tsx'
'**/*.test.browser.ts*'
'**/*.test.js*'
'**/*.test.ts*'
'**/fixtures/'
'**/jest.config.js'
'**/jest.environment.js'
'**/mocks/'
'**/test*/'
docs/
e2e/
merged-packages/
node_modules
storybook/
test*/
rules_excluded: example
project_metrics_token: ${{ secrets.SECURITY_SCAN_METRICS_TOKEN }}
slack_webhook: ${{ secrets.APPSEC_BOT_SLACK_WEBHOOK }}

0 comments on commit d7ad9e0

Please sign in to comment.