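---
# Composite GitHub Action: installs the Python requirements shipped in the
# action directory, then runs `python3 -m mobsfscan` with the caller's args.
name: 'mobsfscan'
author: 'Ajin Abraham <[email protected]>'
description: 'mobsfscan is a SAST that can find insecure code patterns in your Android and iOS source code.'
branding:
  icon: 'code'
  color: 'blue'
inputs:
  # Command-line arguments forwarded to mobsfscan (see the help text below).
  # SECURITY: the runner substitutes this value into the bash script of the
  # last step before bash parses it, so the value is interpreted as shell
  # text, not as data. Calling workflows should build it only from static,
  # trusted values and never from event fields (PR titles, branch names,
  # issue or comment bodies).
  args:
    description: |
      positional arguments:
        path Path can be file(s) or directories with source code
      optional arguments:
        -h, --help show this help message and exit
        --json set output format as JSON
        --sarif set output format as SARIF 2.1.0
        --sonarqube set output format compatible with SonarQube
        --html set output format as HTML
        --type {android,ios,auto}
          optional: force android or ios rules explicitly
        -o OUTPUT, --output OUTPUT
          output filename to save the result
        -c CONFIG, --config CONFIG
          location to .mobsf config file
        -mp {default,billiard,thread}, --multiprocessing {default,billiard,thread}
          optional: specify multiprocessing strategy
        -w, --exit-warning non zero exit code on warning
        --no-fail force zero exit code, takes precedence over --exit-warning
        -v, --version show mobsfscan version
    required: true
runs:
  using: "composite"
  steps:
    # Step 1: install dependencies from the requirements.txt that ships with
    # the action. The path is double-quoted so that an action directory
    # containing spaces or backslashes is passed to pip as a single argument.
    # NOTE(review): requirements.txt is not visible here - confirm that it
    # pins versions (ideally with hashes), since it is resolved on every run.
    - shell: bash
      run: |
        echo "::group::Installing mobsfscan dependencies"
        python3 -m pip install -r "${{ github.action_path }}/requirements.txt"
        echo "::endgroup::"
    # Step 2: make the action directory importable and run the scanner.
    # PYTHONPATH is set to the action directory only, replacing any value the
    # step inherited; a single quoted export replaces the earlier duplicated
    # assign-then-export.
    # NOTE(review): the args expression stays inline and unquoted so that
    # callers who rely on bash parsing the value (quoting, several options)
    # keep working - confirm against documented usage. Passing the input
    # through `env:` and expanding a shell variable instead would close the
    # injection path described on the input, at the cost of that behaviour.
    - shell: bash
      run: |
        export PYTHONPATH="${{ github.action_path }}"
        echo "Running mobsfscan..."
        python3 -m mobsfscan ${{ inputs.args }}
        echo "Finished"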