Merge pull request #18 from chainguard-dev/dependabot/npm_and_yarn/al… #31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Malcontent Analysis on Push | |
| on: | |
| push: | |
| branches: [main, develop] | |
| permissions: | |
| contents: read | |
| jobs: | |
| malcontent: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 2 # Need at least 2 commits for HEAD~1 | |
| - name: Run Malcontent Diff | |
| id: malcontent | |
| uses: ./ # In actual usage, this would be: imjasonh/malcontent-action@... | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload SARIF | |
| uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 #v3.29.0 - 11 Jun 2025 | |
| if: always() # Upload even if the malcontent check fails | |
| with: | |
| sarif_file: ${{ steps.malcontent.outputs.sarif-file }} | |
| category: malcontent |