Commit edef66e 1 parent 18d8e9a commit edef66e Copy full SHA for edef66e
File tree 1 file changed +48
-0
lines changed
1 file changed +48
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow uses actions that are not certified by GitHub.
2+ # They are provided by a third-party and are governed by
3+ # separate terms of service, privacy policy, and support
4+ # documentation.
5+
6+ # A sample workflow which sets up periodic OSV-Scanner scanning for vulnerabilities,
7+ # in addition to a PR check which fails if new vulnerabilities are introduced.
8+ #
9+ # For more examples and options, including how to ignore specific vulnerabilities,
10+ # see https://google.github.io/osv-scanner/github-action/
11+
12+ name : OSV-Scanner
13+
14+ on :
15+ pull_request :
16+ branches : ['main']
17+ merge_group :
18+ branches : ['main']
19+ schedule :
20+ - cron : ' 45 6 * * 5'
21+ push :
22+ branches : ['main']
23+
24+ permissions :
25+ # Require writing security events to upload SARIF file to security tab
26+ security-events : write
27+ # Read commit contents
28+ contents : read
29+
30+ jobs :
31+ scan-scheduled :
32+ if : ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
33+ uses : ' google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78' # v1.7.1
34+ with :
35+ # Example of specifying custom arguments
36+ scan-args : |-
37+ -r
38+ --skip-git
39+ ./
40+ scan-pr :
41+ if : ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
42+ uses : ' google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78' # v1.7.1
43+ with :
44+ # Example of specifying custom arguments
45+ scan-args : |-
46+ -r
47+ --skip-git
48+ ./
You can’t perform that action at this time.
0 commit comments