Skip to content
Source Composition Analysis Scan

DX | 12-01-2026 | Release #14

Sign in to view logs

DX | 12-01-2026 | Release

DX | 12-01-2026 | Release #14

Workflow file for this run

.github/workflows/sca-scan.yml at 72ef38b
name: Source Composition Analysis Scan
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
security-sca:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Dart
uses: dart-lang/setup-dart@v1
with:
sdk: stable
- name: Install dependencies
run: dart pub get
- name: Check for outdated dependencies
run: dart pub outdated || true
- name: Run OSV Scanner for vulnerabilities
run: |
curl -L https://github.com/google/osv-scanner/releases/latest/download/osv-scanner_linux_amd64 -o osv-scanner
chmod +x osv-scanner
./osv-scanner --lockfile=pubspec.lock --format=json --output=osv-results.json || true
- name: Display OSV Scanner results
if: always()
run: |
if [ -f osv-results.json ]; then
echo "OSV Scanner Results:"
cat osv-results.json
else
echo "No vulnerabilities found!"
fi