Skip to content

Commit

Permalink
ci: run DevSkim analysis
Browse files Browse the repository at this point in the history
DevSkim is security linter that highlights common security issues in source code.
https://github.com/microsoft/DevSkim-Action
  • Loading branch information
jonlabelle committed Jun 28, 2024
1 parent 68ab93a commit 7864eb1
Showing 1 changed file with 23 additions and 2 deletions.
25 changes: 23 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ jobs:
dotnet build --configuration Release --no-restore
dotnet test --configuration Release --verbosity minimal --no-build
analyze:
name: code analysis
code-ql:
name: code-ql analysis
runs-on: ubuntu-latest
permissions:
actions: read
Expand Down Expand Up @@ -80,3 +80,24 @@ jobs:

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3

dev-skim:
name: dev skim analysis
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@main

- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@main

- name: Upload DevSkim scan results to GitHub security
uses: github/codeql-action/upload-sarif@main
with:
sarif_file: devskim-results.sarif
directory-to-scan: ${{ github.workspace }}/src
extra-options: --console-verbosity Verbose --skip-git-ignored-files true

0 comments on commit 7864eb1

Please sign in to comment.