This Action converts Dart Analyzer (and Flutter Analyzer) output to SARIF format.
Run dart analyze or flutter analyze, then give their output to this Action as input.
- name: Dart Analyze to SARIF
uses: advanced-security/dart-analyzer-sarif@main
with:
input: dart_analyze.txt
output: dart_analyze.sarifinput- The path to the input file, containing the output ofdart analyzeorflutter analyzeoutput- The path to the output file, containing the SARIF output. Default:dart_analyze.sarif
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Dart Analyzer to SARIF
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
jobs:
dart-analyzer:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: Dart Analyzer to SARIF
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: dart-lang/setup-dart@v1
- name: Dart Analyze
run: dart analyze > dart_analyze.txt || true
- name: Dart Analyze to SARIF
uses: advanced-security/dart-analyzer-sarif@main
with:
input: dart_analyze.txt
output: dart_analyze.sarif
- name: Upload SARIF
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: dart_analyze.sarif- Python 3.7 or later or
- GitHub Actions runner
This project is licensed under the terms of the MIT open source license. Please refer to the LICENSE for the full terms.
See CODEOWNERS for the list of maintainers.
See the SUPPORT file.
See the CHANGELOG, CONTRIBUTING, SECURITY, SUPPORT, CODE OF CONDUCT and PRIVACY files for more information.