Fixes Create reusable Github action

 #361

Author: spoorcc

.github/actions/dfetch-action.yml

@@ -0,0 +1,70 @@
+
+# Dfetch SARIF Check Action
+# =========================
+#
+# This action installs dfetch, runs `dfetch check --sarif`, and uploads the SARIF file for code scanning.
+#
+# ## Usage Example
+#
+# ```yaml
+# jobs:
+#   dfetch-scan:
+#     runs-on: ubuntu-latest
+#     steps:
+#       - uses: actions/checkout@v4
+#       - name: Run Dfetch SARIF Check
+#         uses: dfetch-org/dfetch/.github/actions/dfetch-action@main
+#         with:
+#           dfetch-install: '.'
+#           working-directory: '.' # optional, defaults to project root
+# ```
+#
+# ## Inputs
+# - `dfetch-install`: pip install argument for dfetch (default: . for local)
+# - `working-directory`: Directory to run dfetch in (default: project root)
+#
+# ## Outputs
+# - `sarif-path`: Path to the generated SARIF file (sarif.json)
+#
+# ## Author
+# - Maintained by dfetch-org
+name: 'Dfetch SARIF Check'
+description: 'Run dfetch check and upload SARIF results.'
+author: 'dfetch-org'
+branding:
+  icon: 'check-circle'
+  color: 'blue'
+
+inputs:
+  dfetch-install:
+    description: 'pip install argument for dfetch (default: . for local)'
+    required: false
+    default: '.'
+  working-directory:
+    description: 'Directory to run dfetch in (default: project root)'
+    required: false
+    default: '.'
+
+outputs:
+  sarif-path:
+    description: 'Path to the generated SARIF file.'
+    value: sarif.json
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.13'
+    - name: Install dfetch
+      run: pip install ${{ inputs.dfetch-install }}
+      shell: bash
+    - name: Run dfetch check (SARIF)
+      run: dfetch check --sarif sarif.json
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
+    - name: Upload SARIF file
+      uses: github/codeql-action/upload-sarif@v3
+      with:
+        sarif_file: sarif.json