Update aquasecurity/trivy-action action to v0.26.0 #1022
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # ESLint is a tool for identifying and reporting on patterns | |
| # found in ECMAScript/JavaScript code. | |
| # More details at https://github.com/eslint/eslint | |
| # and https://eslint.org | |
| --- | |
| name: ESLint | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: ["main"] | |
| workflow_dispatch: | |
| schedule: | |
| # ┌───────────── minute (0 - 59) | |
| # │ ┌───────────── hour (0 - 23) | |
| # │ │ ┌───────────── day of the month (1 - 31) | |
| # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) | |
| # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) | |
| # │ │ │ │ │ | |
| # │ │ │ │ │ | |
| # │ │ │ │ │ | |
| # * * * * * | |
| - cron: '36 13 * * 1' | |
| jobs: | |
| eslint: | |
| name: Run eslint scanning | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| # only required for a private repository by | |
| # github/codeql-action/upload-sarif to get the Action run status | |
| actions: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22.x | |
| - name: Install ESLint | |
| run: | | |
| npm install --include=dev [email protected] | |
| npm install --include=dev @microsoft/[email protected] | |
| - name: Test ESLint | |
| run: | | |
| npx --yes eslint --env-info | |
| - name: Run ESLint | |
| run: > | |
| npx eslint . | |
| --color | |
| --max-warnings=0 | |
| --format @microsoft/eslint-formatter-sarif | |
| --output-file eslint-results.sarif | |
| continue-on-error: true | |
| - name: Upload analysis results to GitHub | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: eslint-results.sarif | |
| wait-for-processing: true |