devskim
Use --ignore-globs
to ignore files and/or folders
devskim documentation
- Version in MegaLinter: 0.7.104
- Visit Official Web Site
- See How to configure devskim rules
- See How to ignore files and directories with devskim
Configuration in MegaLinter
- Enable devskim by adding
REPOSITORY_DEVSKIM
in ENABLE_LINTERS variable - Disable devskim by adding
REPOSITORY_DEVSKIM
in DISABLE_LINTERS variable
Variable | Description | Default value |
---|---|---|
REPOSITORY_DEVSKIM_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
REPOSITORY_DEVSKIM_PRE_COMMANDS | List of bash commands to run before the linter | None |
REPOSITORY_DEVSKIM_POST_COMMANDS | List of bash commands to run after the linter | None |
REPOSITORY_DEVSKIM_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling REPOSITORY_DEVSKIM and its pre/post commands | None |
REPOSITORY_DEVSKIM_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
REPOSITORY_DEVSKIM_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
REPOSITORY_DEVSKIM_CLI_EXECUTABLE | Override CLI executable | ['devskim'] |
IDE Integration
Use devskim in your favorite IDE to catch errors before MegaLinter !
IDE | Extension Name | Install | |
---|---|---|---|
Visual Studio Code | VSCode DevSkim |
MegaLinter Flavours
This linter is available in the following flavours
Flavor | Description | Embedded linters | Info | |
---|---|---|---|---|
all | Default MegaLinter Flavor | 113 | ||
security | Optimized for security | 21 |
Behind the scenes
How are identified applicable files
- If this linter is active, all files will always be linted
How the linting is performed
devskim is called once on the whole project directory (project
CLI lint mode)
- filtering can not be done using MegaLinter configuration variables,it must be done using devskim configuration or ignore file (if existing)
VALIDATE_ALL_CODEBASE: false
doesn't make devskim analyze only updated files
Example calls
devskim analyze .
devskim analyze --file-format sarif .
Help content
Microsoft DevSkim Command Line Interface 0.7.104+bd34d6c82b
Usage: devskim [options] [command]
Options:
-?|-h|--help Show help information
-v|--version Show version information
Commands:
analyze Analyze source code
catalogue Create csv file catalogue of rules
pack Pack rules into a single file
test Run tests for rules
verify Verify integrity and syntax of rules
Use "devskim [command] --help" for more information about a command.
Installation on mega-linter Docker image
- Dockerfile commands :
RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \
&& chmod +x dotnet-install.sh \
&& ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104