Overview

File 0208-otp-upload-sarif-results-from-SAST-tooling.patch of Package erlang

From ccdaddd3ffae26f4652485e526aca78fc2835ba2 Mon Sep 17 00:00:00 2001
From: Kiko Fernandez-Reyes <kiko@erlang.org>
Date: Mon, 26 Jan 2026 09:58:23 +0100
Subject: [PATCH] otp: upload sarif results from SAST tooling

Uploads to CodeQL sarif results generated from the compiler hardening options
---
 .github/workflows/main.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
index f195ef7809..c1ac211562 100644
--- a/.github/workflows/main.yaml
+++ b/.github/workflows/main.yaml
@@ -646,6 +646,8 @@ jobs:
         run: docker run -v $PWD/:/github otp '/github/scripts/run-dialyzer'
       - name: Check OSSF compiler flags
         uses: ./.github/actions/ossf-compiler-flags-scanner
+        with:
+          upload: true
 
   test:
     name: Test Erlang/OTP
-- 
2.51.0
openSUSE Build Service is sponsored by
Places