87a391363e
* Upgrade GitHub actions & pin to commit hash The only exception is `google/oss-fuzz` which does not seem to have releases or Git tags, so pinning might not make sense there. Also adds `actions/setup-java` to the `codeql-analysis` workflow to explicitly specify the JDK version to use (and to use the caching of that action) instead of relying on the default JDK of the runner image. * Enable Dependabot for GitHub actions --------- Co-authored-by: Éamonn McManus <emcmanus@google.com>
26 lines
719 B
YAML
26 lines
719 B
YAML
name: CIFuzz
|
|
on: [pull_request]
|
|
jobs:
|
|
Fuzzing:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Build Fuzzers
|
|
id: build
|
|
uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
|
|
with:
|
|
oss-fuzz-project-name: 'gson'
|
|
dry-run: false
|
|
language: jvm
|
|
- name: Run Fuzzers
|
|
uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
|
|
with:
|
|
oss-fuzz-project-name: 'gson'
|
|
fuzz-seconds: 600
|
|
dry-run: false
|
|
- name: Upload Crash
|
|
uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0
|
|
if: failure() && steps.build.outcome == 'success'
|
|
with:
|
|
name: artifacts
|
|
path: ./out/artifacts
|