microsoft
Add DevSkim workflow for code scanning
Description
This pull request introduces a new GitHub Actions workflow to integrate DevSkim, an automated security scanning tool, into the CI/CD pipeline. The workflow runs on pushes, pull requests, and on a weekly schedule, scanning code for security issues and uploading results to the GitHub Security tab.
Security and CI/CD Integration:
- Added a new workflow file
.github/workflows/devskim.ymlto automate DevSkim security scans on themainbranch for pushes, pull requests, and on a weekly schedule. The workflow checks out the code, runs the DevSkim scanner, and uploads the results in SARIF format to GitHub's Security tab.
Change type
- [ ] Bug fix (non-breaking change)
- [ ] Code style update (formatting, local variables)
- [] New Feature (non-breaking change that adds new functionality without impacting existing)
- [ ] Breaking change (fix or feature that may cause functionality impact)
- [x] Other
Checklist:
- [x] My code follows the style and contribution guidelines of this project.
- [x] I have tested and validated my code changes.
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
![github-advanced-security[bot] avatar](https://avatars.githubusercontent.com/in/57789?v=4 "Published by a pub.dev verified publisher"){kind=small}