--- # https://github.com/redhat-plumbers-in-action/differential-shellcheck#readme name: Differential ShellCheck on: push: branches: - main pull_request: branches: - main permissions: contents: read jobs: lint: if: github.event.repository.name != 'systemd-security' runs-on: ubuntu-24.04 permissions: security-events: write steps: - name: Repository checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: fetch-depth: 0 - name: Differential ShellCheck uses: redhat-plumbers-in-action/differential-shellcheck@60c9f2b924a9c5a2ddbb25e7b23e8e11b56faab9 with: # exclude all `.in` files because they may contain unsupported syntax, and they have to be preprocessed first # TEMPORARY: exclude bash completion files, they would generate too many defects in Code scanning dashboard (600+) # exclude zsh completion files, zsh is not supported by ShellCheck exclude-path: | '**/*.in' 'shell-completion/bash/*' 'shell-completion/zsh/*' token: ${{ secrets.GITHUB_TOKEN }}