Skip to content
DevSkim

Bump github/codeql-action from 4.31.10 to 4.31.11 #199

Sign in to view logs

Bump github/codeql-action from 4.31.10 to 4.31.11

Bump github/codeql-action from 4.31.10 to 4.31.11 #199

Workflow file for this run

.github/workflows/devskim.yml at a95f421
name: DevSkim
on:
pull_request:
branches: [ "main" ]
workflow_dispatch:
permissions:
contents: read
jobs:
lint:
name: DevSkim
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v3.29.5
with:
sarif_file: devskim-results.sarif
- name: Upload DevSkim scan results as an artifact
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
path: devskim-results.sarif