# Socket Security GitHub Actions Workflow
# This workflow runs Socket Security scans on every commit to any branch
# It automatically detects git repository information and handles different event types
name: socket-security-workflow
run-name: Socket Security Github Action

on:
  push:
    branches: ['**']  # Run on all branches, all commits
  pull_request:
    types: [opened, synchronize, reopened]
  issue_comment:
    types: [created]

# Prevent concurrent runs for the same commit
concurrency:
  group: socket-scan-${{ github.sha }}
  cancel-in-progress: true

jobs:
  socket-security:
    permissions:
      issues: write
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest

    # Option 1: Use the official Socket CLI container (faster, more reliable)
    container: socketdev/cli:latest

    steps:
      - uses: actions/checkout@v4
        with:
          # Fetch full history (fetch-depth: 0) for proper diff analysis
          fetch-depth: 0

      - name: Run Socket Security Scan
        env:
          SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_SECURITY_API_KEY }}
          GH_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Determine PR number based on event type
          # ("=" rather than "==" so the test also works in a POSIX sh)
          PR_NUMBER=0
          if [ "${{ github.event_name }}" = "pull_request" ]; then
            PR_NUMBER=${{ github.event.pull_request.number }}
          elif [ "${{ github.event_name }}" = "issue_comment" ]; then
            PR_NUMBER=${{ github.event.issue.number }}
          fi

          # Run Socket CLI with minimal required parameters
          # The CLI automatically detects:
          # - Repository name from git
          # - Branch name from git
          # - Commit SHA from git
          # - Commit message from git
          # - Committer information from git
          # - Default branch status from git and GitHub environment
          # - Changed files from git commit
          socketcli \
            --target-path "$GITHUB_WORKSPACE" \
            --scm github \
            --pr-number "$PR_NUMBER"