---
name: Security

on: # yamllint disable-line rule:truthy
  pull_request: {}
  push:
    branches:
      - main

jobs:
  sast:
    name: SAST
    permissions:
      contents: read
      security-events: write
    uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main