ESLint #88
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This GitHub Actions workflow is designed to run ESLint, a tool for identifying and reporting on patterns found in ECMAScript/JavaScript code. | |
| # The workflow is triggered on push and pull request events to the "main" branch, as well as on a scheduled basis every Saturday at 12:25 PM UTC. | |
| # It includes the following steps: | |
| # 1. Harden Runner: Uses the step-security/harden-runner action to enhance the security of the GitHub Actions runner. | |
| # 2. Checkout code: Uses the actions/checkout action to check out the repository code. | |
| # 3. Install ESLint: Installs ESLint and the Microsoft SARIF formatter for ESLint. | |
| # 4. Run ESLint: Executes ESLint with the specified configuration and file extensions, outputting the results in SARIF format. | |
| # 5. Upload analysis results to GitHub: Uses the github/codeql-action/upload-sarif action to upload the ESLint results to GitHub for analysis. | |
| # | |
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # ESLint is a tool for identifying and reporting on patterns | |
| # found in ECMAScript/JavaScript code. | |
| # More details at https://github.com/eslint/eslint | |
| # and https://eslint.org | |
| name: ESLint | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: ["main"] | |
| schedule: | |
| - cron: "25 12 * * 6" | |
| permissions: | |
| contents: read | |
| jobs: | |
| eslint: | |
| name: Run eslint scanning | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Install ESLint | |
| run: | | |
| npm install [email protected] | |
| npm install @microsoft/[email protected] | |
| - name: Run ESLint | |
| env: | |
| SARIF_ESLINT_IGNORE_SUPPRESSED: "true" | |
| run: npx eslint . | |
| --config .eslintrc.js | |
| --ext .js,.jsx,.ts,.tsx | |
| --format @microsoft/eslint-formatter-sarif | |
| --output-file eslint-results.sarif | |
| continue-on-error: true | |
| - name: Upload analysis results to GitHub | |
| uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v2.27.0 | |
| with: | |
| sarif_file: eslint-results.sarif | |
| wait-for-processing: true |