Skip to content

chore(deps): bump actions/checkout from 4.1.3 to 4.1.7 #257

chore(deps): bump actions/checkout from 4.1.3 to 4.1.7

chore(deps): bump actions/checkout from 4.1.3 to 4.1.7 #257

Workflow file for this run

name: Test github action for merging SPDX
on:
push:
jobs:
test-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # ratchet:actions/[email protected]
- name: Test merging SPDX JSON format files
uses: ./
with:
docpath: ${{github.workspace}}/test/json/input
name: sample-sbom-json
mergetype: "1" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "J" # J JSON, T for SPDX tag value format
- name: Check result for JSON format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"created" merged-SBoM-deep.json ${{github.workspace}}/test/json/output/result.json
- name: Test merging SPDX Tag value format files
uses: ./
with:
docpath: ${{github.workspace}}/test/spdx/input
name: sample-sbom-spdx
mergetype: "0" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "T" # J JSON, T for SPDX tag value format
- name: Check result for SPDX tag value format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"Created" merged-SBoM-shallow.spdx ${{github.workspace}}/test/spdx/output/result.spdx