Skip to content
DevSkim

ci(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 (… #216

Sign in to view logs

ci(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 (…

ci(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 (… #216

Workflow file for this run

.github/workflows/devskim.yml at c41b7fb
---
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: DevSkim
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
schedule:
- cron: "0 0 * * 0"
permissions: {}
jobs:
lint:
name: DevSkim
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.5
with:
should-scan-archives: true
sarif_file: devskim-results.sarif