JonKazama-Hellion
699d4ede1d
Add .prettierrc.json, .markdownlint.json, .yamllint.yaml, .gitattributes Run CSharpier, Prettier and markdownlint across the entire codebase. No logic changes — formatting, using order and line endings only.
21 lines
805 B
YAML
21 lines
805 B
YAML
name: Security
|
|
on:
|
|
push:
|
|
branches: [main, master]
|
|
pull_request:
|
|
schedule:
|
|
- cron: "0 6 * * 1"
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
scan:
|
|
uses: JonKazama-Hellion/security-workflows/.gitea/workflows/security-scan.yml@main
|
|
with:
|
|
# MessageStore.cs uses string-interpolation in CommandText for table
|
|
# names and clause-joins that come from internal code constants, not
|
|
# user input. Values are bound via SqlParameter, the SQL surface is
|
|
# local-only inside a Dalamud plugin. Semgrep matches the pattern
|
|
# without dataflow, so it flags those eight call sites; CodeQL
|
|
# would not. Suppressed for this repo only.
|
|
semgrep-exclude-rules: "csharp.lang.security.sqli.csharp-sqli.csharp-sqli"
|