mirror of
https://github.com/huggingface/diffusers.git
synced 2026-04-08 08:41:47 +08:00
3211cd9df0
* 🔒 pin benchmark.yml actions to commit SHAs * 🔒 pin nightly_tests.yml actions to commit SHAs * 🔒 pin build_pr_documentation.yml actions to commit SHAs * 🔒 pin typos.yml actions to commit SHAs * 🔒 pin build_docker_images.yml actions to commit SHAs * 🔒 pin build_documentation.yml actions to commit SHAs * 🔒 pin upload_pr_documentation.yml actions to commit SHAs * 🔒 pin pr_style_bot.yml actions to commit SHAs * 🔒 pin codeql.yml actions to commit SHAs * 🔒 pin ssh-pr-runner.yml actions to commit SHAs * 🔒 pin trufflehog.yml actions to commit SHAs
23 lines
574 B
YAML
23 lines
574 B
YAML
---
|
|
name: CodeQL Security Analysis For Github Actions
|
|
|
|
on:
|
|
push:
|
|
branches: ["main"]
|
|
workflow_dispatch:
|
|
# pull_request:
|
|
|
|
jobs:
|
|
codeql:
|
|
name: CodeQL Analysis
|
|
uses: huggingface/security-workflows/.github/workflows/codeql-reusable.yml@dc6ca34688e6876c2dd18750719b44d177586c17 # v1
|
|
permissions:
|
|
security-events: write
|
|
packages: read
|
|
actions: read
|
|
contents: read
|
|
with:
|
|
languages: '["actions","python"]'
|
|
queries: 'security-extended,security-and-quality'
|
|
runner: 'ubuntu-latest' #optional if need custom runner
|