diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..072780f --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,24 @@ +name: CodeQL + +on: + push: + branches: [main] + pull_request: + branches: [main] + schedule: + - cron: "0 6 * * 1" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + security-events: write + steps: + - uses: actions/checkout@v4 + - uses: github/codeql-action/init@v3 + with: + languages: javascript-typescript + - uses: github/codeql-action/analyze@v3 + with: + category: /language:javascript-typescript diff --git a/README.md b/README.md index 15ebd23..e36dc40 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ [![CI](https://github.com/FerrFlow-Org/MCP/actions/workflows/ci.yml/badge.svg)](https://github.com/FerrFlow-Org/MCP/actions/workflows/ci.yml) [![npm](https://img.shields.io/npm/v/@ferrflow/mcp)](https://www.npmjs.com/package/@ferrflow/mcp) [![Coverage](https://codecov.io/gh/FerrFlow-Org/MCP/branch/main/graph/badge.svg)](https://codecov.io/gh/FerrFlow-Org/MCP) +[![CodeQL](https://github.com/FerrFlow-Org/MCP/actions/workflows/codeql.yml/badge.svg)](https://github.com/FerrFlow-Org/MCP/actions/workflows/codeql.yml) [![License](https://img.shields.io/github/license/FerrFlow-Org/MCP)](LICENSE) [Model Context Protocol](https://modelcontextprotocol.io) server that lets AI assistants interact with FerrFlow.