Composite GitHub CI Action^1 containing the minimal viable security lint for brave repositories
Add an action under .github/workflow/security-action.yml
with the following content:
name: security
on:
workflow_dispatch:
push:
branches: [main]
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches: [main]
jobs:
security:
name: security
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: brave/security-action/actions/main@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} # optional
# by default assignees will be thypon, modify accordingly
assignees: |
yoursecuritycontact
yoursecondsecuritycontact