security-code-scan/security-code-scan-add-action

Security-Code-Scan Add Action

This action is designed to run as part of a workflow that builds projects referencing the SecurityCodeScan.VS2019 NuGet package.

It produces a GitHub-compatible SARIF file for uploading to the repository's 'Code scanning alerts'.

Usage

See action.yml

Workflow Examples

The recommended way to use this action is to follow it in the workflow with an action that uploads the prepared SARIF files to the repository's 'Code scanning alerts'.

on:
  push:
jobs:
  SCS:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - name: Set up projects
        uses: security-code-scan/security-code-scan-add-action@v1
      - name: Build
        run: |
          dotnet restore
          dotnet build

      - name: Convert sarif for uploading to GitHub
        uses: security-code-scan/security-code-scan-results-action@v1

      - name: Upload sarif
        uses: github/codeql-action/upload-sarif@v1

For a .NET 4.x example, see the FullDotNetWebApp demo repository.

About

GitHub Action to integrate https://github.com/security-code-scan/security-code-scan into CI/CD process.
