Skip to content

Runs Shisho as GitHub action to analyze and refactor your codebase with your own lint rules

License

Notifications You must be signed in to change notification settings

flatt-security/shisho-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Shisho Action

GitHub Action for Shisho

GitHub Release GitHub Marketplace License Documentation

Screen example

Usage

Example Workflow

name: "Run tests with Shisho"

on:
  push:

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout HEAD
        uses: actions/checkout@v1
      - name: Run Shisho
        uses: flatt-security/shisho-action@main
        with:
          ruleset-path: "./rules"

Integration with GitHub Code Scanning

You can integrate Shisho with GitHub code scanning as follows:

name: "Run tests with Shisho"

on:
  push:

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout HEAD
        uses: actions/checkout@v1
      - name: Run Shisho
        uses: flatt-security/shisho-action@main
        with:
          ruleset-path: "./rules"
          target-path: "./"
          output-format: "sarif"
          output-path: "shisho.sarif"
          succeed-always: true
      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: ./shisho.sarif

Configurations

This action has the following inputs that can be used as step.with keys:

Name Type Default Description
ruleset-path (required) String Path of Shisho rule sets
target-path String /github/workspace/ Path of files to search over
output-format String Output format (one of json, console, and sarif)
output-path String /dev/stdout Path of output files (When you specify /dev/stdout, you can output the results to standard output)
succeed-always bool false Whether to force exit code to be 0 regardless of findings.
paths-ignore String Comma-separated lists of path patterns to ignore. Example: node_modules/*,foo/,./bar

About

Runs Shisho as GitHub action to analyze and refactor your codebase with your own lint rules

Resources

License

Stars

Watchers

Forks

Packages

No packages published