meshtastic-firmware/.github/workflows/sec_sast_flawfinder.yml

---
name: Flawfinder Scan

on:
  push:
    branches: [master, develop]
    paths-ignore:
      - "**.md"
      - "version.properties"

jobs:
  flawfinder:
    runs-on: ubuntu-latest
    name: Flawfinder

    steps:
      # step 1
      - name: clone application source code
        uses: actions/checkout@v4

      # step 2
      - name: flawfinder_scan
        uses: david-a-wheeler/flawfinder@2.0.19
        with:
          arguments: "--sarif ./"
          output: "flawfinder_report.sarif"

      # step 3
      - name: save report as pipeline artifact
        uses: actions/upload-artifact@v4
        with:
          name: flawfinder_report.sarif
          overwrite: true
          path: flawfinder_report.sarif

      # step 4
      - name: publish code scanning alerts
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: flawfinder_report.sarif
          category: flawfinder
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00			`---`
Run flawfinder only on push to specific branch 2022-11-20 15:16:04 +00:00			`name: Flawfinder Scan`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
			`on:`
Run flawfinder only on push to specific branch 2022-11-20 15:16:04 +00:00			`push:`
			`branches: [master, develop]`
			`paths-ignore:`
			`- "**.md"`
			`- "version.properties"`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
			`jobs:`
			`flawfinder:`
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`runs-on: ubuntu-latest`
			`name: Flawfinder`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`steps:`
			`# step 1`
			`- name: clone application source code`
Update CI runner versions from Node 16 to 20. (#3872) 2024-05-13 08:47:40 +00:00			`uses: actions/checkout@v4`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`# step 2`
			`- name: flawfinder_scan`
			`uses: david-a-wheeler/flawfinder@2.0.19`
			`with:`
			`arguments: "--sarif ./"`
			`output: "flawfinder_report.sarif"`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`# step 3`
			`- name: save report as pipeline artifact`
Update CI runner versions from Node 16 to 20. (#3872) 2024-05-13 08:47:40 +00:00			`uses: actions/upload-artifact@v4`
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`with:`
			`name: flawfinder_report.sarif`
Update CI runner versions from Node 16 to 20. (#3872) 2024-05-13 08:47:40 +00:00			`overwrite: true`
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`path: flawfinder_report.sarif`
Add flawfinder for cover C++ codebase 2022-11-20 12:50:38 +00:00
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`# step 4`
			`- name: publish code scanning alerts`
Update CI runner versions from Node 16 to 20. (#3872) 2024-05-13 08:47:40 +00:00			`uses: github/codeql-action/upload-sarif@v3`
Trunk, you got a big storm coming, honey 2023-01-27 16:22:17 +00:00			`with:`
			`sarif_file: flawfinder_report.sarif`
			`category: flawfinder`