# This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by # separate terms of service, privacy policy, and support # documentation. name: DevSkim on: push: branches: [ "main" ] pull_request: branches: [ "main" ] schedule: - cron: '24 11 * * 0' jobs: lint: name: DevSkim runs-on: ubuntu-20.04 permissions: actions: read contents: read security-events: write steps: - name: Checkout code uses: actions/checkout@v3 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 - name: Upload DevSkim scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 with: sarif_file: devskim-results.sarif