
chore(main): release 0.9.1 (#82) #220

chore(main): release 0.9.1 (#82)


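# Scans the repository's dependencies with OSV-Scanner, converts the result to
# SARIF, keeps the SARIF as a short-lived artifact and, outside pull requests,
# uploads it to GitHub code scanning.
name: DEV / OSV SARIF scan
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  schedule:
    # Weekly run so newly published advisories surface without a code change.
    - cron: "7 10 * * 1"
  workflow_dispatch:
# Deny every token scope by default; the job below grants only what it needs.
permissions: {}
jobs:
  scan:
    name: OSV scanner
    runs-on: ubuntu-24.04
    permissions:
      actions: read
      contents: read
      # Needed by the upload-sarif step to write code scanning results.
      security-events: write
    steps:
      # Actions are pinned to full commit SHAs. The trailing version comment is
      # for humans and update bots only; the runner does not check it, so
      # confirm the SHA against the upstream tag whenever a pin is bumped.
      - name: Checkout repository
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
        with:
          # Do not leave the job token in the local git config for later steps.
          persist-credentials: false
      - name: Run scanner
        id: scan
        uses: google/osv-scanner-action/osv-scanner-action@9a498708959aeaef5ef730655706c5a1df1edbc2 # v2.3.8
        with:
          scan-args: |-
            --output=results.json
            --format=json
            --recursive
            ./
        # The scanner exits non-zero when it reports vulnerabilities, so the
        # step is allowed to fail and the reporter step below is the gate.
        # NOTE(review): this also hides scanner errors; if results.json was not
        # written, the reporter step is presumably what fails - confirm that a
        # broken scan cannot end in a green run.
        continue-on-error: true
      - name: Generate SARIF
        uses: google/osv-scanner-action/osv-reporter-action@9a498708959aeaef5ef730655706c5a1df1edbc2 # v2.3.8
        with:
          scan-args: |-
            --output=osv-scanner.sarif
            --new=results.json
            --gh-annotations=false
            --fail-on-vuln=true
      # `!cancelled()` keeps both uploads running after the reporter has failed
      # the job, so the findings stay available for triage.
      - name: Upload SARIF artifact
        if: ${{ !cancelled() }}
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: OSV Scanner SARIF file
          path: osv-scanner.sarif
          retention-days: 5
      # Skipped on pull requests: runs triggered from forks receive a read-only
      # token, so the security-events write scope is not available there.
      - name: Upload SARIF to code scanning
        if: ${{ !cancelled() && github.event_name != 'pull_request' }}
        uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
        with:
          sarif_file: osv-scanner.sarif
      - name: Print code scanning URL
        if: ${{ !cancelled() && github.event_name != 'pull_request' }}
        # Only runner-provided environment variables are used here, so no
        # `${{ }}` expression is expanded into the script text before the shell
        # parses it. The branch name is not URL-encoded; for branch names with
        # reserved characters the printed link may not filter correctly.
        run: |
          echo "View the OSV-Scanner results in the Security tab:"
          echo "${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/security/code-scanning?query=is%3Aopen+branch%3A${GITHUB_REF_NAME}+tool%3Aosv-scanner"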