From f730aed93a49b70ac79f293db1fb1b56ceeb3f56 Mon Sep 17 00:00:00 2001
From: Rajendra Reddy <rajendra@wdipl.com>
Date: Wed, 18 Feb 2026 19:26:16 +0000
Subject: [PATCH] Update .gitea/workflows/mobsf.yml

---
 .gitea/workflows/mobsf.yml | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/.gitea/workflows/mobsf.yml b/.gitea/workflows/mobsf.yml
index cd33b28..e1263f0 100644
--- a/.gitea/workflows/mobsf.yml
+++ b/.gitea/workflows/mobsf.yml
@@ -8,19 +8,18 @@ jobs:
       - name: Checkout Code
         uses: https://github.com/actions/checkout@v4
 
-      - name: Prepare Report File
-        run: |
-          echo "<html><body><h1>Scan Results</h1><p>No issues found.</p></body></html>" > report.html
-          chmod 777 report.html
-
       - name: Run MobSF Scan
         run: |
-          # We scan the root ('.') and use verbose (-v) to see what is happening
-          # We use --no-fail so the step doesn't crash Gitea before we upload the report
+          # 1. Create a placeholder
+          echo "<html><body><h1>Scan Results</h1><p>No issues.</p></body></html>" > report.html
+          
+          # 2. POINT DIRECTLY TO SOURCE
+          # We map the root to /src, but tell mobsfscan to only scan /src/app/src/main
+          # This forces it to ignore Gradle/Wrapper files and focus on your code
           docker run --rm \
             -v "${{ github.workspace }}:/src" \
             opensecurity/mobsfscan:latest \
-            -v --no-fail --html -o /src/report.html /src
+            --html -o /src/report.html /src/app/src/main || true
 
       - name: Upload Report to Gitea
         uses: https://gitea.com/actions/upload-artifact@v3