actions/component-detection-dependency-submission-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
348257c874457aa979bd08902e9667ad4e1b6bcf
component-detection-depende…/action.yml
Lewis Jones 348257c874 Add sha and ref snapshot inputs
2025-06-16 11:15:10 +01:00

51 lines
2.7 KiB
YAML
Raw Blame History

name: 'Component Detection dependency submission action'
description: 'Upload information about your dependencies to the GitHub dependency graph using dependency submission API. '
inputs:
token:
description: "GitHub Personal Access Token (PAT). Defaults to PAT provided by Actions runner."
required: false
default: ${{ github.token }}
filePath:
description: 'The path to the directory containing the environment files to upload. Defaults to Actions working directory.'
required: false
default: '.'
directoryExclusionList:
description: 'Filters out specific directories following a minimatch pattern.'
required: false
detectorArgs:
description: 'Comma separated list of properties that can affect the detectors execution, like EnableIfDefaultOff that allows a specific detector that is in beta to run, the format for this property is DetectorId=EnableIfDefaultOff, for example Pip=EnableIfDefaultOff.'
required: false
dockerImagesToScan:
description: 'Comma separated list of docker image names or hashes to execute container scanning on, ex: ubuntu:16.04,56bab49eef2ef07505f6a1b0d5bd3a601dfc3c76ad4460f24c91d6fa298369ab'
required: false
detectorsFilter:
description: 'A comma separated list with the identifiers of the specific detectors to be used. This is meant to be used for testing purposes only.'
required: false
detectorsCategories:
description: 'A comma separated list with the categories of components that are going to be scanned. The detectors that are going to run are the ones that belongs to the categories. The possible values are: Npm, NuGet, Maven, RubyGems, Cargo, Pip, GoMod, CocoaPods, Linux.'
required: false
correlator:
description: 'An optional identifier to distinguish between multiple dependency snapshots of the same type.'
required: false
detector-name:
description: 'The name of the detector. If provided, detector-version and detector-url must also be provided.'
required: false
detector-version:
description: 'The version of the detector. If provided, detector-name and detector-url must also be provided.'
required: false
detector-url:
description: 'The URL of the detector. If provided, detector-name and detector-version must also be provided.'
required: false
snapshot-sha:
description: 'The SHA of the commit to associate with the snapshot. If provided, snapshot-ref must also be provided.'
required: false
snapshot-ref:
description: 'The Git reference to associate with the snapshot. If provided, snapshot-sha must also be provided.'
required: false
runs:
using: 'node20'
main: 'dist/index.js'
branding:
icon: 'upload-cloud'
color: 'blue'
Reference in New Issue View Git Blame Copy Permalink