Skip to content

DevSkim analysis

DevSkim analysis #289

name: DevSkim analysis
on:
pull_request:
branches:
- main
push:
branches:
- main
schedule:
- cron: 10 22 * * 3
workflow_dispatch:
permissions: {}
jobs:
lint:
name: DevSkim
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Check out code
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@v1
with:
ignore-globs: "**/.git/**,**/.github/**,**/bin/**,**/obj/**,**/*.json"
should-scan-archives: false
- name: Report DevSkim scan results to GitHub
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: devskim-results.sarif