Skip to content
check

GitHub Action

SARIF support for reviewdog 🐶

v1.0.1 Latest version

SARIF support for reviewdog 🐶

check

SARIF support for reviewdog 🐶

Support SARIF for reviewdog on pull requests to improve code review experience

Installation

Copy and paste the following snippet into your .yml file.

              
- name: SARIF support for reviewdog 🐶

              
  uses: HollowMan6/sarif4reviewdog@v1.0.1
Learn more about this action in HollowMan6/sarif4reviewdog

Choose a version

SARIF for Reviewdog

Test reviewdog depup release GitHub release (latest SemVer) action-bumpr supported

PR example

The Static Analysis Results Interchange Format (SARIF) is an industry standard format for the output of static analysis tools.

reviewdog is an automated code review tool integrated with any code analysis tools regardless of programming language.

Input

inputs:
  github_token:
    description: 'GITHUB_TOKEN'
    default: '${{ github.token }}'
  ### Flags for reviewdog ###
  tool_name:
    description: 'Tool name to use for reviewdog reporter'
    default: 'SARIF'
  level:
    description: 'Report level for reviewdog [info,warning,error]'
    default: 'error'
  reporter:
    description: 'Reporter of reviewdog command [github-pr-check,github-pr-review].'
    default: 'github-pr-review'
  filter_mode:
    description: |
      Filtering mode for the reviewdog command [added,diff_context,file,nofilter].
      Default is added.
    default: 'added'
  fail_on_error:
    description: |
      Exit code for reviewdog when errors are found [true,false]
      Default is `false`.
    default: 'false'
  reviewdog_flags:
    description: 'Additional reviewdog flags'
    default: ''
  ### Flags for linter ###
  file:
    description: 'SARIF file path'
    default: ''
    required: true

Usage

name: sarif4reviewdog
on: [pull_request]
jobs:
  # TODO: change `linter_name`.
  sarif_reviewdog:
    name: sarif reviewdog
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
    steps:
      - uses: actions/checkout@v2
      - uses: HollowMan6/sarif4reviewdog@v1
        with:
          file: 'results.sarif'
          # Remember to allow GitHub Actions to create and approve pull requests
          # https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#preventing-github-actions-from-creating-or-approving-pull-requests
          github_token: ${{ secrets.github_token }}
          # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review].
          reporter: github-pr-review
          # Change reporter level if you need.
          # GitHub Status Check won't become failure with warning.
          level: warning

Development

Release

haya14busa/action-bumpr

You can bump version on merging Pull Requests with specific labels (bump:major,bump:minor,bump:patch). Pushing tag manually by yourself also work.

haya14busa/action-update-semver

This action updates major/minor release tags on a tag push. e.g. Update v1 and v1.2 tag when released v1.2.3. ref: https://help.github.com/en/articles/about-actions#versioning-your-action

Dependencies Update Automation

This repository uses reviewdog/action-depup to update reviewdog version.