From 858bd373e52586e267b0dca56f0068d62f932a2e Mon Sep 17 00:00:00 2001
From: tomer-mobb <132216976+tomer-mobb@users.noreply.github.com>
Date: Thu, 18 Jan 2024 20:20:14 +0700
Subject: [PATCH] Add new yaml file
---
 .github/workflows/mobb-codeql.yaml | 53 ++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 .github/workflows/mobb-codeql.yaml
diff --git a/.github/workflows/mobb-codeql.yaml b/.github/workflows/mobb-codeql.yaml
new file mode 100644
index 0000000..92ea505
--- /dev/null
+++ b/.github/workflows/mobb-codeql.yaml
@@ -0,0 +1,53 @@
+# Mobb/CodeQL Fixer on pull requests
+# This workflow defines the needed steps to run CodeQL on every pull request and pass the results to Mobb Fixer.
+# This example utilizes CodeQL with JavaScript. For other languages, change the CodeQL language settings below.
+#
+# Secrets in use:
+# MOBB_API_TOKEN - your mobb user credentials (autumatially set if you forked this repo via the Mobb app)
+# GITHUB_TOKEN - automatically set by GitHub
+
+name: "Mobb/CodeQL"
+
+on:
+  pull_request:
+    branches: ["main"]
+
+jobs:
+  scan-and-fix:
+    name: Scan with CodeQL and fix with Mobb
+    runs-on: 'ubuntu-latest'
+    timeout-minutes: 360
+    permissions:
+      pull-requests: write
+      statuses: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript-typescript"]
+        # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+        codeql_output_filename: ["javascript.sarif"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Perform CodeQL analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{ matrix.language }}"
+          output: results
+
+      - name: Run Mobb on the findings and get fixes
+        if: always()
+        uses: mobb-dev/action/review@beta0.0.5
+        with:
+          report-file: results/${{ matrix.codeql_output_filename }}
+          api-key: ${{ secrets.MOBB_API_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          scanner: codeql
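Review bot: The job's explicit `permissions:` block sets every unlisted scope to `none`, so `github/codeql-action/analyze@v2` has no `security-events: write` to upload its SARIF to code scanning (required unless `upload: false` is passed) and `actions/checkout@v3` is left without `contents: read`; add `contents: read` and `security-events: write` alongside `pull-requests: write`. Because the Mobb step is gated on `if: always()`, such an upload failure would not stop it — it would proceed on whatever `results/` holds — so `if: success() || failure()` is the safer gate if a failed or cancelled analysis should not be acted on. All three actions are referenced by mutable tags; `mobb-dev/action/review@beta0.0.5` in particular receives `secrets.MOBB_API_TOKEN` plus a `pull-requests: write` token, so pin it (and the others) to a full commit SHA with the tag kept in a trailing comment. Note also that `pull_request` runs from forks do not receive repository secrets, so `api-key` will be empty and that step will fail for external contributors; the header comment's `autumatially` is a typo for `automatically`.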