From 8cc078112ec594f9818a537271754f689163d9cb Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 11:29:40 -0700
Subject: [PATCH 1/6] Update main.yml to add devskim

---
 .github/workflows/main.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 699f7e16..cfb223f4 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -104,3 +104,11 @@ jobs:
       uses: github/codeql-action/analyze@v3
       with:
         category: "/language:csharp"
+
+    - name: Run DevSkim scanner
+      uses: microsoft/DevSkim-Action@v1
+
+    - name: Upload DevSkim scan results to GitHub Security tab
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: devskim-results.sarif

From 03ace62e72287417fa66d3b00c09209958cca4c3 Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 11:43:14 -0700
Subject: [PATCH 2/6] Update DevSkim to only run on Linux

DevSkim is only supported on Linux OS
---
 .github/workflows/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index cfb223f4..000072c4 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -107,8 +107,10 @@ jobs:
 
     - name: Run DevSkim scanner
       uses: microsoft/DevSkim-Action@v1
+      if: runner.os == 'Linux'
 
     - name: Upload DevSkim scan results to GitHub Security tab
       uses: github/codeql-action/upload-sarif@v2
+      if: runner.os == 'Linux'
       with:
         sarif_file: devskim-results.sarif

From d04bf52796d6406045ff090842d31a3e1ce1a1e3 Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 12:34:42 -0700
Subject: [PATCH 3/6] Update Packages.props to add DevSkim analyzers

---
 build/targets/codeanalysis/Packages.props | 1 +
 1 file changed, 1 insertion(+)

diff --git a/build/targets/codeanalysis/Packages.props b/build/targets/codeanalysis/Packages.props
index 19c793af..ecfe75a0 100644
--- a/build/targets/codeanalysis/Packages.props
+++ b/build/targets/codeanalysis/Packages.props
@@ -4,5 +4,6 @@
     <PackageVersion Include="Microsoft.CodeAnalysis.Analyzers" Version="3.3.4" />
     <PackageVersion Include="Roslynator.Analyzers" Version="4.12.4" />
     <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
+    <PackageVersion Include="Microsoft.CST.DevSkim" Version="1.0.33" />
   </ItemGroup>
 </Project>

From 4c4e267208966617999b832368e7da2d4a9f0172 Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 12:35:19 -0700
Subject: [PATCH 4/6] Update CodeAnalysis.props to add DevSkim

---
 build/targets/codeanalysis/CodeAnalysis.props | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/build/targets/codeanalysis/CodeAnalysis.props b/build/targets/codeanalysis/CodeAnalysis.props
index e78f5421..b3b2e4cf 100644
--- a/build/targets/codeanalysis/CodeAnalysis.props
+++ b/build/targets/codeanalysis/CodeAnalysis.props
@@ -24,5 +24,9 @@
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
+    <PackageReference Include="Microsoft.CST.DevSkim">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
   </ItemGroup>
 </Project>

From 36f9d4913938175e00b5bdb4989698a6b93cdf02 Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 13:20:05 -0700
Subject: [PATCH 5/6] Remove DevSkim package

---
 build/targets/codeanalysis/CodeAnalysis.props | 4 ----
 build/targets/codeanalysis/Packages.props     | 1 -
 2 files changed, 5 deletions(-)

diff --git a/build/targets/codeanalysis/CodeAnalysis.props b/build/targets/codeanalysis/CodeAnalysis.props
index b3b2e4cf..e78f5421 100644
--- a/build/targets/codeanalysis/CodeAnalysis.props
+++ b/build/targets/codeanalysis/CodeAnalysis.props
@@ -24,9 +24,5 @@
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="Microsoft.CST.DevSkim">
-      <PrivateAssets>all</PrivateAssets>
-      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
-    </PackageReference>
   </ItemGroup>
 </Project>
diff --git a/build/targets/codeanalysis/Packages.props b/build/targets/codeanalysis/Packages.props
index ecfe75a0..19c793af 100644
--- a/build/targets/codeanalysis/Packages.props
+++ b/build/targets/codeanalysis/Packages.props
@@ -4,6 +4,5 @@
     <PackageVersion Include="Microsoft.CodeAnalysis.Analyzers" Version="3.3.4" />
     <PackageVersion Include="Roslynator.Analyzers" Version="4.12.4" />
     <PackageVersion Include="StyleCop.Analyzers" Version="1.2.0-beta.556" />
-    <PackageVersion Include="Microsoft.CST.DevSkim" Version="1.0.33" />
   </ItemGroup>
 </Project>

From 72015a50526a72200973a9a3e817195727f15f96 Mon Sep 17 00:00:00 2001
From: Richard Murillo <richard.murillo@microsoft.com>
Date: Wed, 12 Jun 2024 13:20:17 -0700
Subject: [PATCH 6/6] Add DevSkim as a CLI tool

---
 .config/dotnet-tools.json | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json
index cbecc491..1d7e95e9 100644
--- a/.config/dotnet-tools.json
+++ b/.config/dotnet-tools.json
@@ -15,6 +15,13 @@
         "dotnet-verify"
       ],
       "rollForward": false
+    },
+    "microsoft.cst.devskim.cli": {
+      "version": "1.0.33",
+      "commands": [
+        "devskim"
+      ],
+      "rollForward": false
     }
   }
 }
\ No newline at end of file