actions/security-scan/rules.yml

---
# Validation rules for security-scan action
# Generated by update-validators.py v1.0.0 - DO NOT EDIT MANUALLY
# Schema version: 1.0
# Coverage: 86% (6/7 inputs)
#
# This file defines validation rules for the security-scan GitHub Action.
# Rules are automatically applied by validate-inputs action when this
# action is used.
#

schema_version: '1.0'
action: security-scan
description: |
  Comprehensive security scanning for GitHub Actions including actionlint,
  Gitleaks (optional), and Trivy vulnerability scanning. Requires
  'security-events: write' and 'contents: read' permissions in the workflow.
generator_version: 1.0.0
required_inputs: []
optional_inputs:
  - actionlint-enabled
  - gitleaks-config
  - gitleaks-license
  - token
  - trivy-scanners
  - trivy-severity
  - trivy-timeout
conventions:
  actionlint-enabled: boolean
  gitleaks-config: file_path
  token: github_token
  trivy-scanners: scanner_list
  trivy-severity: severity_enum
  trivy-timeout: timeout_with_unit
overrides:
  actionlint-enabled: boolean
  gitleaks-config: file_path
  token: github_token
  trivy-scanners: scanner_list
  trivy-severity: severity_enum
  trivy-timeout: timeout_with_unit
statistics:
  total_inputs: 7
  validated_inputs: 6
  skipped_inputs: 0
  coverage_percentage: 86
validation_coverage: 86
auto_detected: true
manual_review_required: false
quality_indicators:
  has_required_inputs: false
  has_token_validation: true
  has_version_validation: false
  has_file_validation: true
  has_security_validation: true