Security audit #957

	name: Security audit

	on:
	schedule:
	# Runs at 00:00 UTC everyday
	- cron: '0 0 * * *'
	pull_request:
	paths:
	- 'deps/**'
	- '.github/workflows/audit.yml'
	- package.json
	- lib/**
	- src/**

	jobs:
	rust-audit:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	- uses: EmbarkStudios/cargo-deny-action@76cd80eb775d7bbbd2d80292136d74d39e1b4918 # v2.0.14
	with:
	manifest-path: "deps/swc/bindings/binding_typescript_wasm/Cargo.toml"

	typescript-audit:
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	packages: read
	actions: read
	contents: read
	strategy:
	matrix:
	include:
	- language: javascript-typescript
	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
	- name: Initialize CodeQL
	uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v3.29.5
	with:
	languages: ${{ matrix.language }}
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v3.29.5
	with:
	category: "/language:${{matrix.language}}"

Provide feedback