GitHub Action to run a Fixinator Security Scan on your ColdFusion / CFML source code (cfm, cfc files).
Add the following to your GitHub Actions workflow YAML file:
    jobs:
      fixinator:
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v2
          - name: Fixinator Security Scan
            uses: foundeo/fixinator-github-action@master
            with:
              fixinator_api_key: ${{ secrets.FIXINATOR_API_KEY }}
Note that you will need to set up a secret containing your Fixinator API key in the GitHub settings for your project.
The following inputs can be specified in the with node:
This should be a valid fixinator_api_key. To obtain a trial key, visit: https://fixinator.app/try/
By default scans the entire repository. You can specify a folder path, a file path or a file globber pattern.
Filter the results by the confidence level. By default it runs in high confidence mode, so only reports on issues it is highly confident are a security concern. You can set it to low or medium to see more results.
The minimum severity level to show in the results. By default it is set to low but if you only want to see high severity issues, then set it to high.
A file globber pattern of paths to ignore from the scan.
By default the action will fail if it finds any issues. You can set it to false to prevent it from failing when it finds issues.