.github/workflows/xanitizer-analysis.yml
name: "Xanitizer Security Analysis"
on:
push:
workflow_dispatch:
jobs:
xanitizer-security-analysis:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: 11
- name: Compile Java code
run: mvn -B compile
- name: Install JavaScript libraries
run: npm install
- name: Xanitizer Security Analysis
uses: RIGS-IT/xanitizer-action@v1
with:
license: ${{ secrets.XANITIZER_LICENSE }}
- uses: actions/upload-artifact@v4
with:
name: Xanitizer-Reports
path: |
*-Findings-List.pdf
*-Findings-List.sarif
- uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: Xanitizer-Findings-List.sarif