refactor: renaming module

.github/workflows/semantic-release.yml

@@ -22,27 +22,28 @@ jobs:
         GITHUB_TOKEN: ${{ github.token }}
 
     - name: Build the Docker image
-      run: docker build -t dustico/dusti-lock:${{ steps.semantic_release_info.outputs.git_tag }} .
+      if: ${{ steps.semantic_release_info.outputs.git_tag }}
+      run: docker build -t checkmarx/dustilock:${{ steps.semantic_release_info.outputs.git_tag }} .
 
     - name: Tag version
+      if: ${{ steps.semantic_release_info.outputs.git_tag }}
+      id: tag_version
       run: |
-        git config --local user.email "action@github.com"
-        git config --local user.name "GitHub Action"
+        git config --local user.email "devops@dusti.co"
+        git config --local user.name "Dustico DevOps"
         git tag ${{ steps.semantic_release_info.outputs.git_tag }}
-
-    - name: Push changes
-      uses: ad-m/github-push-action@v0.6.0
-      with:
-        github_token: ${{ github.token }}
-        tags: true
+        git push
+        echo ::set-output name=latest_commit_hash::$(git rev-parse HEAD)
 
     - name: Create GitHub release
+      if: ${{ steps.semantic_release_info.outputs.git_tag }}
       uses: actions/create-release@v1
       env:
         GITHUB_TOKEN: ${{ github.token }}
       with:
         tag_name: ${{ steps.semantic_release_info.outputs.git_tag }}
         release_name: ${{ steps.semantic_release_info.outputs.git_tag }}
         body: ${{ steps.semantic_release_info.outputs.notes }}
+        commitish: ${{ steps.tag_version.outputs.latest_commit_hash }}
         draft: false
         prerelease: false

.gitignore

@@ -1,3 +1,3 @@
-dusti-lock
+dustilock
 .idea
 tests

Dockerfile

@@ -2,6 +2,6 @@ FROM golang:1.13
 WORKDIR /src
 COPY . .
 ENV GO111MODULE=on
-RUN go build -o /bin/dusti-lock
+RUN go build -o /bin/dustilock
 COPY entrypoint.sh /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]

action.yml

@@ -1,5 +1,5 @@
 name: 'DustiLock'
-description: 'Scanning project dependencies - checks if one or more is available for public registration'
+description: 'DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack'
 inputs:
   recursive:
     description: 'scan recursively (default = false)'
@@ -17,5 +17,5 @@ runs:
   using: 'docker'
   image: 'Dockerfile'
 branding:
-  icon: 'edit'
-  color: 'yellow'
+  icon: "shield"
+  color: "green"

analysis/analysis.go

@@ -3,8 +3,8 @@ package analysis
 import (
 	"bufio"
 	"fmt"
-	"github.com/dustico/dusti-lock/dependencies"
-	"github.com/dustico/dusti-lock/registry"
+	"github.com/checkmarx/dustilock/dependencies"
+	"github.com/checkmarx/dustilock/registry"
 	"io/ioutil"
 	"os"
 	"path"

entrypoint.sh

@@ -15,4 +15,4 @@ if [ -n "$INPUT_PATH" ]; then
     export SCAN_PATH="$SCAN_PATH$INPUT_PATH"
 fi
 
-/bin/dusti-lock -p $SCAN_PATH$ARGS
+/bin/dustilock -p $SCAN_PATH$ARGS

go.mod

@@ -1,4 +1,4 @@
-module github.com/dustico/dusti-lock
+module github.com/checkmarx/dustilock
 
 require github.com/akamensky/argparse v1.2.2
 

main.go

@@ -3,7 +3,7 @@ package main
 import (
 	"fmt"
 	"github.com/akamensky/argparse"
-	"github.com/dustico/dusti-lock/analysis"
+	"github.com/checkmarx/dustilock/analysis"
 	"log"
 	"os"
 	"path/filepath"
@@ -15,7 +15,7 @@ var excludedDirectories = map[string]bool{
 }
 
 func main() {
-	parser := argparse.NewParser("DustiLock", "Scans project dependencies for potential hijacking supply chain attack")
+	parser := argparse.NewParser("DustiLock", "a tool to find which of your dependencies is susceptible to Dependency Confusion attack")
 	recursive := parser.Flag("r", "recursive", &argparse.Options{Help: "scan all files recursively"})
 	audit := parser.Flag("a", "audit", &argparse.Options{Help: "audit only mode"})
 	customDir := parser.String("p", "path", &argparse.Options{Help: "the path to scan. default is cwd"})