GitHub Action
Electronegativity
v2.0
Latest version
The action integrates Electronegativity, a tool to identify misconfigurations and security anti-patterns in Electron applications, into GitHub CI/CD. It produces a GitHub compatible SARIF file for uploading to the repository 'Code scanning alerts'.
on:
push:
jobs:
build_job:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: '12'
- uses: doyensec/electronegativity-action@v2
- name: Upload sarif
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: ../electronegativity_results
I'm getting checkPermissions Missing write access to /usr/local/lib/node_modules
Add the following lines in your workflow before the action:
- uses: actions/setup-node@v2
with:
node-version: '12' # or the node version you need
See https://docs.npmjs.com/resolving-eacces-permissions-errors-when-installing-packages-globally for other possible solutions.
I'm running into the Fatal Error JavaScript heap out of memory
Specify additional memory with node arguments:
- uses: doyensec/electronegativity-action@v1.1
with:
node-args: "--max-old-space-size=4096"