devskim
Use --ignore-globs to ignore files and/or folders
devskim documentation
- Version in MegaLinter: 0.7.104
- Visit Official Web Site
- See How to configure devskim rules
- See How to ignore files and directories with devskim
Configuration in MegaLinter
- Enable devskim by adding
REPOSITORY_DEVSKIMin ENABLE_LINTERS variable - Disable devskim by adding
REPOSITORY_DEVSKIMin DISABLE_LINTERS variable
| Variable | Description | Default value |
|---|---|---|
| REPOSITORY_DEVSKIM_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
| REPOSITORY_DEVSKIM_PRE_COMMANDS | List of bash commands to run before the linter | None |
| REPOSITORY_DEVSKIM_POST_COMMANDS | List of bash commands to run after the linter | None |
| REPOSITORY_DEVSKIM_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling REPOSITORY_DEVSKIM and its pre/post commands | None |
| REPOSITORY_DEVSKIM_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
| REPOSITORY_DEVSKIM_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
| REPOSITORY_DEVSKIM_CLI_EXECUTABLE | Override CLI executable | ['devskim'] |
IDE Integration
Use devskim in your favorite IDE to catch errors before MegaLinter !
| IDE | Extension Name | Install | |
|---|---|---|---|
| Visual Studio Code | VSCode DevSkim |  |
MegaLinter Flavours
This linter is available in the following flavours
| Flavor | Description | Embedded linters | Info | |
|---|---|---|---|---|
 |
all | Default MegaLinter Flavor | 113 |   |
| security | Optimized for security | 21 |   |
Behind the scenes
How are identified applicable files
- If this linter is active, all files will always be linted
How the linting is performed
devskim is called once on the whole project directory (project CLI lint mode)
- filtering can not be done using MegaLinter configuration variables,it must be done using devskim configuration or ignore file (if existing)
VALIDATE_ALL_CODEBASE: falsedoesn't make devskim analyze only updated files
Example calls
devskim analyze .
devskim analyze --file-format sarif .
Help content
Microsoft DevSkim Command Line Interface 0.7.104+bd34d6c82b
Usage: devskim [options] [command]
Options:
-?|-h|--help Show help information
-v|--version Show version information
Commands:
analyze Analyze source code
catalogue Create csv file catalogue of rules
pack Pack rules into a single file
test Run tests for rules
verify Verify integrity and syntax of rules
Use "devskim [command] --help" for more information about a command.
Installation on mega-linter Docker image
- Dockerfile commands :
RUN wget --tries=5 -q -O dotnet-install.sh https://dot.net/v1/dotnet-install.sh \
&& chmod +x dotnet-install.sh \
&& ./dotnet-install.sh --install-dir /usr/share/dotnet -channel 6.0 -version latest
ENV PATH="${PATH}:/root/.dotnet/tools:/usr/share/dotnet"
RUN dotnet tool install --global Microsoft.CST.DevSkim.CLI --version 0.7.104