-
Notifications
You must be signed in to change notification settings - Fork 30
38 lines (35 loc) · 1.13 KB
/
slither.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: Slither Analysis
# Config File for Public Github Repos
## Private Github needs External Action support, this will not work in Private Github
on:
# Only run this action on pushes / pull requests to main branch
push:
branches: [ main, slither-action ]
pull_request:
branches: [ main, slither-action ]
jobs:
analyze:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Slither
uses: crytic/[email protected]
id: slither
# continue-on-error: true
with:
sarif: results.sarif
# Don't fail so that SARIF step still works
fail-on: none
# advanced: this can be set by Slither config file by using the next line instead
# fail-on: config
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.slither.outputs.sarif }}
# Set GH_TOKEN permissions to be as restricted as possible
# security-events must be set to write for the SARIF upload step
permissions:
security-events: write
contents: read
actions: read