MobSF

v055v #1764

	name: MobSF

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '17 23 * * 2'

	permissions:
	contents: read

	jobs:
	mobile-security:
	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
	actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v6

	- name: Setup python
	uses: actions/setup-python@v6
	with:
	python-version: 3.12

	- name: Run mobsfscan
	uses: MobSF/mobsfscan@3d87bc570c4614d705547bddb521395663dba353 # 0.4.5
	with:
	args: . --sarif --output results.sarif \|\| true

	- name: Upload mobsfscan report
	uses: github/codeql-action/upload-sarif@v4
	with:
	sarif_file: results.sarif

Provide feedback