Code scanning #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Code scanning | |
| on: | |
| push: | |
| pull_request: | |
| schedule: | |
| - cron: '19 20 * * 6' | |
| jobs: | |
| check-spelling: | |
| name: check spelling | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check spelling | |
| uses: codespell-project/actions-codespell@master | |
| with: | |
| builtin: clear,rare,usage,code,en-GB_to_en-US | |
| check_filenames: true | |
| check_hidden: true | |
| ignore_words_file: .github/spellcheck-ignore | |
| skip: "./docs/Gemfile.lock,./docs/_config.yml,./.github,./.git" | |
| commitlint: | |
| name: check commitlint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 'latest' | |
| - name: Install commitlint dependencies | |
| run: npm install commitlint | |
| - uses: wagoid/commitlint-github-action@v6 | |
| env: | |
| NODE_PATH: ${{ github.workspace }}/node_modules | |
| with: | |
| configFile: .github/commitlint.config.mjs | |
| failOnWarnings: true | |
| analysis_devskim: | |
| name: check devskim | |
| runs-on: ubuntu-latest | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run DevSkim scanner | |
| uses: microsoft/DevSkim-Action@v1 | |
| with: | |
| ignore-globs: '**/examples/**,**/test/**,**/.github/scripts/**,*_test.go' | |
| - name: Upload DevSkim scan results to GitHub Security tab | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: devskim-results.sarif |