1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
---
# https://github.com/redhat-plumbers-in-action/differential-shellcheck#readme
name: Differential ShellCheck
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
jobs:
lint:
if: github.event.repository.name != 'systemd-security'
runs-on: ubuntu-24.04
permissions:
security-events: write
steps:
- name: Repository checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
fetch-depth: 0
- name: Differential ShellCheck
uses: redhat-plumbers-in-action/differential-shellcheck@dd551ce780d8af741f8cd8bab6982667b906b457
with:
# exclude all `.in` files because they may contain unsupported syntax, and they have to be preprocessed first
# TEMPORARY: exclude bash completion files, they would generate too many defects in Code scanning dashboard (600+)
# exclude zsh completion files, zsh is not supported by ShellCheck
exclude-path: |
'**/*.in'
'shell-completion/bash/*'
'shell-completion/zsh/*'
token: ${{ secrets.GITHUB_TOKEN }}
|
