TREX/qmckl
1
0
Fork 0
mirror of https://github.com/TREX-CoE/qmckl.git synced 2024-11-03 20:54:09 +01:00
Code Issues Projects Releases Wiki Activity

Fixed security in CI

Browse Source
This commit is contained in:
Anthony Scemama 2022-11-16 23:09:25 +01:00
parent e7ab147194
commit 68ea4ad588
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/devskim.yml vendored
View File

@ -13,6 +13,9 @@ on:
schedule: schedule:
- cron: '19 5 * * 2' - cron: '19 5 * * 2'
permissions:
contents: read
jobs: jobs:
lint: lint:
name: DevSkim name: DevSkim
@ -23,12 +26,12 @@ jobs:
security-events: write security-events: write
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: Run DevSkim scanner - name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@v1 uses: microsoft/DevSkim-Action@a8a9e06bab570db990fe7351ae9d4d444b9489ca
- name: Upload DevSkim scan results to GitHub Security tab - name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@678fc3afe258fb2e0cdc165ccf77b85719de7b3c
with: with:
sarif_file: devskim-results.sarif sarif_file: devskim-results.sarif

7
.github/workflows/flawfinder.yml vendored
View File

@ -14,6 +14,9 @@ on:
schedule: schedule:
- cron: '23 11 * * 3' - cron: '23 11 * * 3'
permissions:
contents: read
jobs: jobs:
flawfinder: flawfinder:
name: Flawfinder name: Flawfinder
@ -24,7 +27,7 @@ jobs:
security-events: write security-events: write
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: flawfinder_scan - name: flawfinder_scan
uses: david-a-wheeler/flawfinder@8e4a779ad59dbfaee5da586aa9210853b701959c uses: david-a-wheeler/flawfinder@8e4a779ad59dbfaee5da586aa9210853b701959c
@ -33,6 +36,6 @@ jobs:
output: 'flawfinder_results.sarif' output: 'flawfinder_results.sarif'
- name: Upload analysis results to GitHub Security tab - name: Upload analysis results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@678fc3afe258fb2e0cdc165ccf77b85719de7b3c
with: with:
sarif_file: ${{github.workspace}}/flawfinder_results.sarif sarif_file: ${{github.workspace}}/flawfinder_results.sarif