From 757e34e5d9b0351858694bf49482ec2320161727 Mon Sep 17 00:00:00 2001 From: SOOS-JAlvarez <92373106+SOOS-JAlvarez@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:57:18 -0300 Subject: [PATCH] PA-12267 Standardize Readme (#17) * PA-12267 Standardize Readme * seo text, link fix --- README.md | 37 ++++++++++++++++--------------------- package.json | 8 ++++++++ 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index fa75462..ddce0ad 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ SOOS is an independent software security company, located in Winooski, VT USA, building security software for your team. [SOOS, Software security, simplified](https://soos.io). -Use SOOS to scan your software for [vulnerabilities](https://app.soos.io/research/vulnerabilities) and [open source license](https://app.soos.io/research/licenses) issues with [SOOS Core SCA](https://soos.io/products/sca). [Generate SBOMs](https://kb.soos.io/help/soos-reports-for-export). Govern your open source dependencies. Run the [SOOS DAST vulnerability scanner](https://soos.io/products/dast) against your web apps or APIs. +Use SOOS to scan your software for [vulnerabilities](https://app.soos.io/research/vulnerabilities) and [open source license](https://app.soos.io/research/licenses) issues with [SOOS Core SCA](https://soos.io/products/sca). [Generate and ingest SBOMs](https://soos.io/products/sbom-manager). [Export reports](https://kb.soos.io/help/soos-reports-for-export) to industry standards. Govern your open source dependencies. Run the [SOOS DAST vulnerability scanner](https://soos.io/products/dast) against your web apps or APIs. [Scan your Docker containers](https://soos.io/products/containers) for vulnerabilities. Check your source code for issues with [SAST Analysis](https://soos.io/products/sast). [Demo SOOS](https://app.soos.io/demo) or [Register for a Free Trial](https://app.soos.io/register). 
@@ -27,29 +27,24 @@ docker run -it --rm \ : ``` -## Parameters +## Client Parameters | Argument | Default | Description | | --- | --- | --- | -| `--apiKey` | None | SOOS API Key - get yours from https://app.soos.io/integrate/containers | -| `--apiURL` | https://api.soos.io/api/ | SOOS API URL - Intended for internal use only, do not modify. | -| `--appVersion` | None | App Version - Intended for internal use only. | -| `--branchName` | null | The name of the branch from the SCM System. | -| `--branchURI` | null | The URI to the branch from the SCM System. | -| `--buildURI` | null | URI to CI build info. | -| `--buildVersion` | null | Version of application build artifacts. | -| `--clientId` | None | SOOS Client ID - get yours from https://app.soos.io/integrate/containers | -| `--commitHash` | null | The commit hash value from the SCM System. | -| `--integrationName` | null | Integration Name - Intended for internal use only. | -| `--integrationType` | null | Integration Type - Intended for internal use only. | -| `--logLevel` | INFO | Minimum level to show logs: PASS, IGNORE, INFO, WARN, or FAIL. | -| `--onFailure` | continue_on_failure | Action to perform when the scan fails. Options: fail_the_build, continue_on_failure. | -| `--operatingEnvironment` | null | Set Operating environment for information purposes only. | -| `--otherOptions` | None | Other Options to pass to syft. | -| `--projectName` | None | Project Name - this is what will be displayed in the SOOS app. | -| `--scriptVersion` | null | N/A | -| `--verbose` | false | Enable verbose logging. | -| `targetToScan` | N/A | The target to scan. Should be a docker image name or a path to a directory containing a Dockerfile. | +| `--apiKey` | | SOOS API Key - get yours from [SOOS Integration](https://app.soos.io/integrate/containers). Uses `SOOS_API_KEY` env value if present. | +| `--branchName` | | The name of the branch from the SCM System. | +| `--branchURI` | | The URI to the branch from the SCM System. 
| +| `--buildURI` | | URI to CI build info. | +| `--buildVersion` | | Version of application build artifacts. | +| `--clientId` | | SOOS Client ID - get yours from [SOOS Integration](https://app.soos.io/integrate/containers). Uses `SOOS_API_CLIENT` env value if present. | +| `--commitHash` | | The commit hash value from the SCM System. | +| `--logLevel` | `INFO` | Minimum level to show logs: PASS, IGNORE, INFO, WARN, or FAIL. | +| `--onFailure` | `continue_on_failure` | Action to perform when the scan fails. Options: fail_the_build, continue_on_failure. | +| `--operatingEnvironment` | | Set Operating environment for information purposes only. | +| `--otherOptions` | | Other Options to pass to syft. | +| `--projectName` | | Project Name - this is what will be displayed in the SOOS app. | +| `--verbose` | `false` | Enable verbose logging. | +| `targetToScan` | | The target to scan. Should be a docker image name or a path to a directory containing a Dockerfile. | ## Scanning Private Images with Authentication To scan an image from a private registry, follow these steps: diff --git a/package.json b/package.json index 43c3eb3..0657396 100644 --- a/package.json +++ b/package.json @@ -20,6 +20,14 @@ "check": "npm run format && npm run typecheck && npm outdated", "patch-api-client": "npm version patch --no-git-tag-version && npm run setup:clean && npm install @soos-io/api-client@latest --save-exact && npm install && npm run check" }, + "repository": { + "type": "git", + "url": "git+https://github.com/soos-io/soos-csa.git" + }, + "bugs": { + "url": "https://github.com/soos-io/soos-csa/issues" + }, + "homepage": "https://github.com/soos-io/soos-csa#readme", "dependencies": { "@soos-io/api-client": "0.2.22", "argparse": "^2.0.1",
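Review bot: The added `repository`, `bugs` and `homepage` entries all hard-code the slug `soos-io/soos-csa`, and nothing visible in this hunk confirms that this is the repository the package is actually published from; the `name` field and the rest of the manifest are outside the hunk. npm renders these values as the source and issue links on the package page, and a publish with provenance enabled checks `repository.url` against the repository that ran the build, so a wrong slug either breaks that publish or sends users and security reporters to the wrong project. Before merging, compare the slug with the `name` field and the git remote. If the package is ever published from a fork or a renamed repository, these three values need to change together.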