Skip to content

Focus root README on GitHub Action for Marketplace #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
BjornvdLaan merged 1 commit into from
Apr 29, 2026
Merged

Focus root README on GitHub Action for Marketplace #9

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 9 additions & 29 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,40 +17,19 @@ The harvest-now-decrypt-later (HNDL) threat is not theoretical: RSA and ECC prot

Real companies have mixed crypto: internal services migrate to PQC, but SWIFT, partner APIs, and legacy tools stay classical. Observer is built for this reality: it finds every usage, classifies it by quantum threat, and lets you suppress exceptions with audit metadata instead of pretending they don't exist.

## Quickstart - GitHub Action
## Quickstart

```yaml
- uses: GetQuantumDrive/Observer@v0.1.0
with:
fail-on: critical
```

Scans every push and PR, annotates vulnerable lines, fails the build on critical findings. Default rules are bundled into the Docker image, zero network on the default path.
Scans every push and PR, annotates vulnerable lines, and fails the build on critical findings. `fail-on: critical` is the default — a bare `uses:` line with no `with:` block behaves identically. Default rules are bundled into the Docker image; zero network requests on the default scan path.

## Quickstart - Gradle plugin
## Other integrations

```kotlin
plugins {
id("io.getquantumdrive.observer") version "0.1.0"
}

observer {
failOn.set("critical")
}
```

Then: `./gradlew observerScan`. The plugin downloads the Observer binary on first run (checksum-verified, cached under `~/.gradle/caches/observer/`).

## Quickstart - standalone CLI

```bash
# Docker (recommended - bundled rules, no setup)
docker run --rm -v $PWD:/src ghcr.io/getquantumdrive/observer:0.1.0 --dir /src

# Native
go install github.com/getquantumdrive/observer/cmd/observer@v0.1.0
observer --dir . --rules-repo GetQuantumDrive/Observer-rules
```
Observer also ships a [Gradle plugin](plugins/gradle/README.md) and a [standalone CLI](cmd/observer/README.md) with the same rule set and output formats.

## Taxonomy

Expand Down Expand Up @@ -349,11 +328,12 @@ Your CI pipeline

## More documentation

| Component | Reference |
| Reference | Contents |
|---|---|
| Standalone CLI | [cmd/observer/README.md](cmd/observer/README.md) — all flags, examples, output formats |
| Gradle plugin | [plugins/gradle/README.md](plugins/gradle/README.md) — extension DSL, tasks, Groundstate |
| Bulk scan scripts | [scripts/README.md](scripts/README.md) — scan-all, aggregate, html-report, run |
| [action.yml](action.yml) | Full input/output reference |
| [cmd/observer/README.md](cmd/observer/README.md) | Standalone CLI — all flags, examples, output formats |
| [plugins/gradle/README.md](plugins/gradle/README.md) | Gradle plugin — extension DSL, tasks, Groundstate |
| [scripts/README.md](scripts/README.md) | Bulk scan scripts — scan-all, aggregate, html-report |

## Contributing

Expand Down
Loading