Merge pull request #4919 from alphagov/dependabot/bundler/rails-html-… #502

	name: Security scans

	on:
	push:
	branches:
	- main
	paths-ignore:
	- '*/.md'
	pull_request:
	paths-ignore:
	- '*/.md'
	workflow_dispatch:
	inputs:
	ref:
	description: The branch, tag or SHA to check out
	default: main
	type: string

	jobs:
	codeql-sast:
	name: CodeQL SAST scan
	uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
	permissions:
	security-events: write

	dependency-review:
	name: Dependency Review scan
	uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main

Provide feedback