Skip to content

Create .deepsource.toml #2

Create .deepsource.toml

Create .deepsource.toml #2

Workflow file for this run

name: Dart Analyzer to SARIF
on: [push]
jobs:
dart-analyzer:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: Dart Analyzer to SARIF
steps:
- name: Checkout
uses: actions/checkout@v2
- uses: dart-lang/setup-dart@v1
with:
sdk: beta
- name: Dart Analyze
run: dart analyze > dart_analyze.txt || true
- name: Dart Analyze to SARIF
uses: advanced-security/dart-analyzer-sarif@main
with:
input: dart_analyze.txt
output: dart_analyze.sarif
- name: Upload SARIF to DeepSource
run: |
# Install the CLI
curl https://deepsource.io/cli | sh
# Send the report to DeepSource
./bin/deepsource report --analyzer dart-analyze --analyzer-type community --value-file ./dart_analyze.sarif
env:
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }}