From 7ca36385d3c0927ea6544038aa486073434ec3e5 Mon Sep 17 00:00:00 2001
From: Parth Sharma <86726240+parth-deepsource@users.noreply.github.com>
Date: Fri, 10 Nov 2023 16:02:35 +0530
Subject: [PATCH] Create dart_analyze.yaml

---
 .github/workflows/dart_analyze.yaml | 35 +++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 .github/workflows/dart_analyze.yaml

diff --git a/.github/workflows/dart_analyze.yaml b/.github/workflows/dart_analyze.yaml
new file mode 100644
index 000000000..b0263f2d6
--- /dev/null
+++ b/.github/workflows/dart_analyze.yaml
@@ -0,0 +1,35 @@
+name: Dart Analyzer to SARIF
+on:
+  push:
+    branches: [ $default-branch, $protected-branches ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ $default-branch ]
+jobs:
+  dart-analyzer:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    runs-on: ubuntu-latest
+    name: Dart Analyzer to SARIF
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - uses: dart-lang/setup-dart@v1
+        with:
+          sdk: beta
+      - name: Dart Analyze
+        run: dart analyze > dart_analyze.txt || true
+      - name: Dart Analyze to SARIF
+        uses: advanced-security/dart-analyzer-sarif@main
+        with:
+          input: dart_analyze.txt
+          output: dart_analyze.sarif
+      - name: Upload SARIF to DeepSource
+        run: |
+          # Install the CLI
+          curl https://deepsource.io/cli | sh
+
+          # Send the report to DeepSource
+          ./bin/deepsource report --analyzer dart-analyze --analyzer-type community --value-file ./dart_analyze.sarif