Analyze #306

	#
	# Repository analysis
	#

	# NOTES:
	# This workflow uses PSRule, and DevSkim.
	# You can read more about these linting tools and configuration options here:
	# PSRule - https://aka.ms/ps-rule and https://github.com/Microsoft/PSRule.Rules.MSFT.OSS
	# DevSkim - https://github.com/microsoft/DevSkim-Action and https://github.com/Microsoft/DevSkim

	name: Analyze
	on:
	push:
	branches: [main, 'release/', 'dependencies/']
	pull_request:
	branches: [main, 'release/*']
	schedule:
	- cron: '42 18 * * 0' # At 6:42 PM, on Sunday each week
	workflow_dispatch:

	jobs:
	oss:
	name: Analyze with PSRule
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Run PSRule analysis
	uses: microsoft/ps-rule@main
	with:
	modules: PSRule.Rules.MSFT.OSS
	prerelease: true

	devskim:
	name: Analyze with DevSkim
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Run DevSkim scanner
	uses: microsoft/DevSkim-Action@v1
	with:
	directory-to-scan: .

	- name: Upload results to security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: devskim-results.sarif

Provide feedback