{"id":19830696,"url":"https://github.com/crytic/amarna-action","last_synced_at":"2025-05-01T15:30:28.264Z","repository":{"id":47958280,"uuid":"515952613","full_name":"crytic/amarna-action","owner":"crytic","description":"Github action for the Amarna static analyzer","archived":true,"fork":false,"pushed_at":"2022-09-21T07:20:29.000Z","size":14,"stargazers_count":9,"open_issues_count":2,"forks_count":4,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-30T05:32:16.251Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/crytic.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-07-20T11:24:09.000Z","updated_at":"2025-02-18T10:55:42.000Z","dependencies_parsed_at":"2023-01-11T17:23:03.951Z","dependency_job_id":null,"html_url":"https://github.com/crytic/amarna-action","commit_stats":{"total_commits":9,"total_committers":1,"mean_commits":9.0,"dds":0.0,"last_synced_commit":"8e3637cdab240f02164ac76d33e94d904bcfcd6d"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Famarna-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Famarna-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Famarna-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crytic%2Famarna-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/crytic","download_url":"https://codeload.github.com/crytic/amarna-action/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251898497,"owners_count":21661837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T11:24:47.040Z","updated_at":"2025-05-01T15:30:28.005Z","avatar_url":"https://github.com/crytic.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Amarna Action\n\nThis action allows you to run the [Amarna static\nanalyzer](https://github.com/crytic/amarna) against your project, from\nwithin a GitHub Actions workflow.\n\nTo learn more about [Amarna](https://github.com/crytic/amarna) itself, visit\nits [GitHub repository](https://github.com/crytic/amarna).\n\n- [How to use](#how-to-use)\n- [Github Code Scanning integration](#github-code-scanning-integration)\n\n# How to use\n\nCreate `.github/workflows/amarna.yml`:\n```yaml\nname: Amarna Analysis\non: [push]\njobs:\n  analyze:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n      - uses: crytic/amarna-action@v0.1.1\n```\n\n## Options\n\n| Key              | Description\n|------------------|------------\n| `sarif`          | If provided, the path of the SARIF file to produce, relative to the repo root (see [Github Code Scanning integration](#github-code-scanning-integration)).\n| `amarna-args`    | Extra arguments to pass to Amarna. \n| `amarna-version` | The version of amarna-analyzer to use. By default, the latest release in PyPI is used.\n| `target`         | The path to the root of the project to be analyzed by Amarna. Can be a directory or a file. Defaults to the repo root.\n\n# Github Code Scanning integration\n\nThe action supports the Github Code Scanning integration, which will push Amarna's alerts to the Security tab of the Github project (see [About code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning)). This integration eases the triaging of findings and improves the continious integration.\n\n## How to use\n\nTo enable the integration, use the `sarif` option, and upload the Sarif file to `codeql-action`:\n\n```yaml\nname: Amarna Analysis\non: [push]\njobs:\n  analyze:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n      - name: Run Amarna\n        uses: crytic/amarna-action@v0.1.1\n        id: amarna\n        continue-on-error: true\n        with:\n          sarif: results.sarif\n          target: 'src/'\n\n      - name: Upload SARIF file\n        uses: github/codeql-action/upload-sarif@v2\n        with:\n          sarif_file: ${{ steps.amarna.outputs.sarif }}\n          checkout_path: '/github/workspace'\n```\n\nHere:\n- `continue-on-error: true` is required to let the SARIF upload step runs if Amarna finds issues\n- `id: amarna` is the name used in for `steps.amarna.outputs.sarif`\n- `target: 'src/'` means Amarna will analyze the `src/` directory\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrytic%2Famarna-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcrytic%2Famarna-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrytic%2Famarna-action/lists"}