Awesome
Code scanning with HLint
This is a GitHub action which scans Haskell code using HLint and uploads its suggested improvements to GitHub code scanning.
Usage
A minimal example for setting up code scanning with HLint:
name: Scan code with HLint
on: [push, pull_request]
jobs:
hlint:
runs-on: ubuntu-latest
permissions:
# Needed to upload results to GitHub code scanning.
security-events: write
steps:
- uses: actions/checkout@v4
- uses: haskell-actions/hlint-scan@v1
The action needs write permission for security-events to upload
the analysis results to GitHub.
If you would like to use this as a status check which would prevent pull requests from being merged until an issue is resolved, you can adjust the alert severity for which code scanning will trigger a failed check.
Inputs
None of the inputs are required. You only need to set them if the defaults do not work for your situation.
binary
Path to the hlint binary.
path
Path of file or directory that HLint will be told to scan. Multiple paths can be specified, delimited by whitespace.
hints
Path for HLint configuration file.
category
Category distinguishing multiple analyses at the same commit.
Outputs
sarif-id
The ID of the uploaded SARIF file.
Examples
When scanning code with HLint on pushes, issues will show up in the "Code scanning" dashboard in the "Security" section:
When scanning code with HLint in a pull request, issues with the change will be reported in the pull request:
Status
Code of conduct
Be nice; see CODE_OF_CONDUCT.md for details.
Security policy
See SECURITY.md for details.
Contributing
See CONTRIBUTING.md for details.
License
Apache 2.0; see LICENSE for details.
Disclaimer
This project is not an official Google project. It is not supported by Google, and Google specifically disclaims all warranties as to its quality, merchantability, or fitness for a particular purpose.