Update .gitea/workflows/mobsf.yml

.gitea/workflows/mobsf.yml

@@ -8,26 +8,31 @@ jobs:
       - name: Checkout Code
         uses: https://github.com/actions/checkout@v4
 
-      # We manually install and run mobsfscan in a venv to avoid OS conflicts
       - name: Run MobSF Scan
         run: |
-          # 1. Setup a clean virtual environment
+          # Setup environment
           python3 -m venv .mobsf_venv
           source .mobsf_venv/bin/activate
+          python3 -m pip install mobsfscan --quiet
 
-          # 2. Install mobsfscan inside the venv
-          python3 -m pip install --upgrade pip
-          python3 -m pip install mobsfscan
+          # ---------------------------------------------------------
+          # ENFORCEMENT STRENGTH (Uncomment only ONE line)
+          # ---------------------------------------------------------
           
-          # 3. Create the report placeholder
-          echo "<html><body><h1>Scan Results</h1><p>No issues.</p></body></html>" > report.html
-          
-          # 4. Run the scan on your app directory specifically
-          # We use || true so the pipeline continues even if it finds bugs
+          # STRENGTH: LOG ONLY (Always green build, artifact if bugs found)
           mobsfscan --html --output report.html app/src/main || true
           
+          # STRENGTH: STRICT (Red build if ANY Warning/Error found)
+          # mobsfscan --html --output report.html app/src/main
+
+          # STRENGTH: CRITICAL ONLY (Red build only on High/Error severity)
+          # mobsfscan --html --output report.html --error-level ERROR app/src/main
+          # ---------------------------------------------------------
+
       - name: Upload Report to Gitea
+        # if-no-files-found: ignore ensures NO artifact is created if scan is clean
         uses: https://gitea.com/actions/upload-artifact@v3
         with:
           name: MobSF-Security-Report
           path: report.html
+          if-no-files-found: ignore