build(deps): bump node from 22 to 23 (#646) #255
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ClusterFuzzLite fuzzing | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| permissions: read-all | |
| jobs: | |
| PR: | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| sanitizer: | |
| - address | |
| # Override this with the sanitizers you want. | |
| # - undefined | |
| # - memory | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
| with: | |
| egress-policy: audit | |
| - name: Build Fuzzers (${{ matrix.sanitizer }}) | |
| id: build | |
| uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 | |
| with: | |
| language: jvm # Change this to the language you are fuzzing. | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| sanitizer: ${{ matrix.sanitizer }} | |
| # Optional but recommended: used to only run fuzzers that are affected | |
| # by the PR. | |
| # See later section on "Git repo for storage". | |
| # storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git | |
| # storage-repo-branch: main # Optional. Defaults to "main" | |
| # storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages". | |
| - name: Run Fuzzers (${{ matrix.sanitizer }}) | |
| id: run | |
| uses: google/clusterfuzzlite/actions/run_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| fuzz-seconds: 60 | |
| mode: 'batch' | |
| sanitizer: ${{ matrix.sanitizer }} | |
| output-sarif: true | |
| # Optional but recommended: used to download the corpus produced by | |
| # batch fuzzing. | |
| # See later section on "Git repo for storage". | |
| # storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git | |
| # storage-repo-branch: main # Optional. Defaults to "main" | |
| # storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages". |