Trunk, you got a big storm coming, honey

2026-01-07 10:27:43 +00:00 · 2023-01-27 10:22:17 -06:00
parent ed155476ac
commit 2e8832babb
8 changed files with 64 additions and 69 deletions
--- a/.github/workflows/sec_sast_flawfinder.yml
+++ b/.github/workflows/sec_sast_flawfinder.yml
@@ -10,31 +10,31 @@ on:

 jobs:
  flawfinder:
-      runs-on: ubuntu-latest
-      name: Flawfinder
+    runs-on: ubuntu-latest
+    name: Flawfinder

-      steps:
-        # step 1
-        - name: clone application source code
-          uses: actions/checkout@v3
+    steps:
+      # step 1
+      - name: clone application source code
+        uses: actions/checkout@v3

-        # step 2
-        - name: flawfinder_scan
-          uses: david-a-wheeler/flawfinder@2.0.19
-          with:
-            arguments: '--sarif ./'
-            output: 'flawfinder_report.sarif'
+      # step 2
+      - name: flawfinder_scan
+        uses: david-a-wheeler/flawfinder@2.0.19
+        with:
+          arguments: "--sarif ./"
+          output: "flawfinder_report.sarif"

-        # step 3
-        - name: save report as pipeline artifact
-          uses: actions/upload-artifact@v3
-          with:
-            name: flawfinder_report.sarif
-            path: flawfinder_report.sarif
+      # step 3
+      - name: save report as pipeline artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: flawfinder_report.sarif
+          path: flawfinder_report.sarif

-        # step 4
-        - name: publish code scanning alerts
-          uses: github/codeql-action/upload-sarif@v2
-          with:
-            sarif_file: flawfinder_report.sarif
-            category: flawfinder
+      # step 4
+      - name: publish code scanning alerts
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: flawfinder_report.sarif
+          category: flawfinder