Skip to content
DevSkim

Bump github/codeql-action from 4.31.7 to 4.31.9 #192

Sign in to view logs

Bump github/codeql-action from 4.31.7 to 4.31.9

Bump github/codeql-action from 4.31.7 to 4.31.9 #192

Workflow file for this run

.github/workflows/devskim.yml at 5c3a9d8
name: DevSkim
on:
pull_request:
branches: [ "main" ]
workflow_dispatch:
permissions:
contents: read
jobs:
lint:
name: DevSkim
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
with:
sarif_file: devskim-results.sarif
- name: Upload DevSkim scan results as an artifact
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
path: devskim-results.sarif