Skip to content
Lint GitHub Actions workflows

Skip "might not exist" report for string types with integer offsets in union decomposition check #3461

Sign in to view logs

Skip "might not exist" report for string types with integer offsets in union decomposition check

Skip "might not exist" report for string types with integer offsets in union decomposition check #3461

Workflow file for this run

.github/workflows/lint-workflows.yml at b3fe1bb
# Configuration from:
# https://github.com/johnbillion/plugin-infrastructure/blob/571cba96190304963285181e2b928d941b9ec7c4/.github/workflows/reusable-workflow-lint.yml
name: Lint GitHub Actions workflows
on:
pull_request:
push:
branches:
- "2.1.x"
permissions: {}
jobs:
actionlint:
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Check workflow files
run: |
echo "::add-matcher::.github/actionlint-matcher.json"
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
./actionlint -color
shell: bash
octoscan:
name: Octoscan
runs-on: ubuntu-latest
permissions:
security-events: write # Required for codeql-action/upload-sarif to upload SARIF files.
timeout-minutes: 10
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Run octoscan
id: octoscan
uses: synacktiv/action-octoscan@6b1cf2343893dfb9e5f75652388bd2dc83f456b0 # v1.0.0
with:
filter_triggers: ''
- name: Upload SARIF file to GitHub
uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
with:
sarif_file: "${{steps.octoscan.outputs.sarif_output}}"
category: octoscan
wait-for-processing: false
poutine:
name: Poutine
runs-on: ubuntu-latest
permissions:
security-events: write # Required for codeql-action/upload-sarif to upload SARIF files.
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Run Poutine
uses: boostsecurityio/poutine-action@84c0a0d32e8d57ae12651222be1eb15351429228 # v0.15.2
- name: Upload poutine SARIF file
uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
with:
sarif_file: results.sarif
category: poutine
wait-for-processing: false
zizmor:
name: Zizmor
runs-on: ubuntu-latest
permissions:
security-events: write # Required for codeql-action/upload-sarif to upload SARIF files.
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
with:
enable-cache: false
- name: Run zizmor
run: uvx zizmor@1.20.0 --persona=auditor --format=sarif --strict-collection . > results.sarif
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
with:
sarif_file: results.sarif
category: zizmor
wait-for-processing: false