GitHub Action #1

Draft
wants to merge 2 commits into
base: master
@mattorb (Owner) commented Jan 29, 2020

This adapts the project to be usable as a GitHub Action.

The Action will fail (exit code 2) if any JS libraries with publicly disclosed vulnerabilities are detected.

Uses the existing docker container

The 'scan-url' GitHub workflow argument is explicitly mapped to the
SCAN_URL environment variable already expected & handled by the docker
container.

This enables the Dockerfile to remain agnostic to the fact that it is
running as a GitHub action, rather than depending on the 'INPUT_'
GitHub action var naming.
Enables the (calling) GitHub action to be marked 'fail' when
vulnerabilities are found.
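
An added sketch, not code from this pull request, of the action metadata and a calling workflow that the description above implies. The action name, descriptions, `image` path, file names, scanned URL and the `OWNER/REPO@COMMIT_SHA` reference are assumptions or placeholders.

```yaml
# action.yml (constructed illustration; name and descriptions are hypothetical)
name: 'JS library vulnerability scan'
description: 'Fails when JS libraries with publicly disclosed vulnerabilities are detected'
inputs:
  scan-url:
    description: 'URL to scan'
    required: true
runs:
  using: 'docker'
  image: 'Dockerfile'        # assumed: builds the project's existing container
  env:
    # Explicit mapping described in the commit message. Without it the
    # container would have to read the runner-generated variable
    # INPUT_SCAN-URL; the hyphen makes that name awkward to reference from
    # a POSIX shell and ties the image to GitHub's 'INPUT_' naming.
    SCAN_URL: ${{ inputs.scan-url }}
---
# .github/workflows/scan.yml (constructed caller)
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      # Placeholder reference. Pinning to a full commit SHA keeps a moved
      # tag or branch from changing what runs in the job.
      - uses: OWNER/REPO@COMMIT_SHA
        with:
          scan-url: 'https://example.com'   # constructed sample value
        # A non-zero container exit (2 when vulnerable libraries are found)
        # marks this step, and therefore the job, as failed.
```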