You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you would like to use this as a status check which would prevent pull requests
from being merged until an issue is resolved, you can adjust the alert severity
for which code scanning will trigger a failed check.
Inputs
None of the inputs are required.
You only need to set them if the defaults do not work for your situation.
binary
Path to the hlint binary.
path
Path of file or directory that HLint will be told to scan.
Multiple paths can be specified, delimited by whitespace.
Category distinguishing multiple analyses at the same commit.
fail-on
If not empty, then this disables code scanning and instead outputs annotations.
The value can be one of 'never', 'error', 'warning', or 'note',
which are based on the levels specified by SARIF,
and it controls at what level a non-zero exit can happen.
Note that for pull requests, the non-zero exit can happen even if the issue
is in part of the code not changed by the pull request.
This is only intended for use in private GitHub repositories which do not have code scanning available.
Outputs
sarif-id
The ID of the uploaded SARIF file.
Examples
When scanning code with HLint on pushes, issues will show up in
the "Code scanning" dashboard in the "Security" section:
When scanning code with HLint in a pull request, issues with the change
will be reported in the pull request:
This project is not an official Google project. It is not supported by Google,
and Google specifically disclaims all warranties as to its quality,
merchantability, or fitness for a particular purpose.
