Skip to content

Commit

Permalink
devops: CI - Create pysa.yml
Browse files Browse the repository at this point in the history
  • Loading branch information
sfermigier authored Nov 28, 2024
1 parent cd5a34d commit 483bc4f
Showing 1 changed file with 50 additions and 0 deletions.
50 changes: 50 additions & 0 deletions .github/workflows/pysa.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

# This workflow integrates Python Static Analyzer (Pysa) with
# GitHub's Code Scanning feature.
#
# Python Static Analyzer (Pysa) is a security-focused static
# analysis tool that tracks flows of data from where they
# originate to where they terminate in a dangerous location.
#
# See https://pyre-check.org/docs/pysa-basics/

name: Pysa

on:
workflow_dispatch:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '20 2 * * 1'

permissions:
contents: read

jobs:
pysa:
permissions:
actions: read
contents: read
security-events: write

runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true

- name: Run Pysa
uses: facebook/pysa-action@f46a63777e59268613bd6e2ff4e29f144ca9e88b
with:
# To customize these inputs:
# See https://github.com/facebook/pysa-action#inputs
repo-directory: './'
requirements-path: 'requirements.txt'
infer-types: true
include-default-sapp-filters: true

0 comments on commit 483bc4f

Please sign in to comment.