A GitHub Action to parse DependencyCheck JSON reports, print the found vulnerabilities and fail the build.

albuch/sbt-dependency-check-action

sbt-dependency-check-action

A GitHub Action to parse DependencyCheck JSON reports, print the found vulnerabilities and fail the build if a vulnerability was found.

Usage

The Action takes one configuration parameter:

jsonReportPath

The path to the JSON report file of DependencyCheck. For SBT projects using the default configuration of sbt-dependency-check the path is target/scala-<version>/sbt-1.0/dependency-check-report.json.

Example

jobs:
  test:
    steps:
      - name: DependencyCheck
        run: sbt -v -Dfile.encoding=UTF-8 dependencyCheck
      - name: Print DependencyCheck Result
        uses: albuch/sbt-dependency-check-action@v1.0
        with:
          jsonReportPath: "target/scala-2.12/sbt-1.0/dependency-check-report.json"
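
To run the same kind of check locally against the report before pushing, the following added example (not this Action's own code) parses a DependencyCheck JSON report, prints each finding and returns a failing exit code if any exist. It assumes the report's `dependencies[].vulnerabilities[]` layout with the `name`, `severity`, `cvssv3.baseScore` and `cvssv2.score` fields; the function names and the sample report, including its CVE ids, are constructed for illustration.

```python
import json
import sys

# Constructed sample in the layout DependencyCheck's JSON report uses
# (dependencies[].vulnerabilities[]); trimmed to the fields read below.
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"fileName": "example-lib-1.0.jar",
         "vulnerabilities": [
             {"name": "CVE-0000-0001", "severity": "HIGH",
              "cvssv3": {"baseScore": 8.1}},
             {"name": "CVE-0000-0002", "severity": "medium",
              "cvssv2": {"score": 5.0}},
         ]},
        {"fileName": "clean-lib-2.3.jar"},  # no "vulnerabilities" key at all
    ]
})


def collect_findings(report):
    """Return (fileName, id, severity, score) for every reported vulnerability."""
    findings = []
    for dep in report.get("dependencies") or []:
        for vuln in dep.get("vulnerabilities") or []:
            # Prefer the CVSS v3 base score, fall back to v2, else None.
            score = (vuln.get("cvssv3") or {}).get("baseScore")
            if score is None:
                score = (vuln.get("cvssv2") or {}).get("score")
            findings.append((dep.get("fileName", "?"), vuln.get("name", "?"),
                             str(vuln.get("severity", "UNKNOWN")).upper(), score))
    return findings


def check_report(text):
    """Print findings and return the exit code: 1 if any were found, else 0."""
    findings = collect_findings(json.loads(text))
    for file_name, vuln_id, severity, score in findings:
        print(f"{file_name}: {vuln_id} severity={severity} score={score}")
    return 1 if findings else 0


if __name__ == "__main__":
    # With a path argument, check that file; otherwise the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            sys.exit(check_report(fh.read()))
    sys.exit(check_report(SAMPLE_REPORT))
```

A missing or unparsable report raises an exception, so the check fails rather than passing silently when the scan step produced no output.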