Security Scan #4

	name: Security Scan

	on:
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]
	schedule:
	- cron: '0 0 * * 0' # Run weekly

	jobs:
	security-scan:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4

	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/node@master
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: --severity-threshold=high

	- name: Run OWASP ZAP Scan
	uses: zaproxy/action-full-scan@v0.9.0
	with:
	target: 'https://yeonsphere.github.io/'
	rules_file_name: '.zap/rules.tsv'
	cmd_options: '-a'

	codeql:
	runs-on: ubuntu-latest
	permissions:
	security-events: write

	steps:
	- uses: actions/checkout@v4

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: javascript

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3

	dependency-review:
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'

	steps:
	- uses: actions/checkout@v4

	- name: Dependency Review
	uses: actions/dependency-review-action@v4

Provide feedback