From e42e41d4694acd318d888cfe50083854a717bc2b Mon Sep 17 00:00:00 2001 From: Agustin Isasmendi Date: Tue, 19 Mar 2024 21:52:17 +0100 Subject: [PATCH] SCP-209 Rename GH Action to SCANOSS Code Scan Action --- .github/workflows/test-action.yml | 2 +- README.md | 40 +++++++++++++++---------------- package-lock.json | 4 ++-- package.json | 12 ++++++---- sbom.json | 2 +- 5 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 24bbf71..3266cc5 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -26,7 +26,7 @@ jobs: uses: ./ with: dependencies.enabled: false - policies: copyleft, undeclared + policies: copyleft - name: Print stdout scan command diff --git a/README.md b/README.md index 84b6596..6dd2af0 100644 --- a/README.md +++ b/README.md 
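Review bot: Dropping `undeclared` from `policies` in the self-test step is a behaviour change that the rename in the commit subject does not explain, and it leaves the undeclared-component policy unexercised by this workflow. The README changed in the same commit still documents `policies: copyleft, undeclared`, and the repository does ship the `sbom.json` that policy requires. If the removal is deliberate (possibly because the check fails while the purl in `sbom.json` is being renamed), record why in the commit message or in a comment on the line, e.g. `# undeclared policy disabled in self-test: <reason>`. Otherwise keep `policies: copyleft, undeclared`. The job's remaining steps lie outside the hunk.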
@@ -1,11 +1,11 @@ -# SCANOSS Action +# SCANOSS Code Scan Action -[![GitHub Super-Linter](https://github.com/scanoss/actions-scan/actions/workflows/linter.yml/badge.svg)](https://github.com/super-linter/super-linter) -![CI](https://github.com/scanoss/actions-scan/actions/workflows/ci.yml/badge.svg) -[![Check dist/](https://github.com/scanoss/actions-scan/actions/workflows/check-dist.yml/badge.svg)](https://github.com/scanoss/actions-scan/actions/workflows/check-dist.yml) -[![CodeQL](https://github.com/scanoss/actions-scan/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/scanoss/actions-scan/actions/workflows/codeql-analysis.yml) +[![GitHub Super-Linter](https://github.com/scanoss/code-scan-action/actions/workflows/linter.yml/badge.svg)](https://github.com/super-linter/super-linter) +![CI](https://github.com/scanoss/code-scan-action/actions/workflows/ci.yml/badge.svg) +[![Check dist/](https://github.com/scanoss/code-scan-action/actions/workflows/check-dist.yml/badge.svg)](https://github.com/scanoss/scanoss-code-scan-step/actions/workflows/check-dist.yml) +[![CodeQL](https://github.com/scanoss/code-scan-action/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/scanoss/scanoss-code-scan-step/actions/workflows/codeql-analysis.yml) -The SCANOSS Scan Action enhances your software development process by automatically scanning your code for security +The SCANOSS Code Scan Action enhances your software development process by automatically scanning your code for security vulnerabilities and license compliance with configurable policies.
@@ -33,18 +33,17 @@ permissions: checks: write jobs: - scanoss-analysis: - name: SCANOSS Analysis + scanoss-code-scan: + name: SCANOSS Code Scan runs-on: ubuntu-latest steps: - name: Checkout code - id: checkout uses: actions/checkout@v4 - - name: Run SCANOSS analysis - id: scanoss-scan-action - uses: scanoss/actions-scan@main + - name: Run SCANOSS Code Scan + id: scanoss-code-scan-step + uses: scanoss/code-scan-action@main ``` For example workflow runs, check out our @@ -75,7 +74,7 @@ the output into your custom workflow | stdout-scan-command | Scanner command output | ## Policy Checks -The SCANOSS Scan action includes two configurable policies: +The SCANOSS Code Scan Action includes two configurable policies: 1. Copyleft: This policy checks if any component or code snippet is associated with a copyleft license. If such a license is detected, the pull request (PR) is rejected. @@ -108,18 +107,17 @@ permissions: checks: write jobs: - scanoss-analysis: - name: SCANOSS Analysis + scanoss-code-scan: + name: SCANOSS Code Scan runs-on: ubuntu-latest steps: - name: Checkout code - id: checkout uses: actions/checkout@v4 - - name: Run SCANOSS analysis - id: scanoss-scan-action - uses: scanoss/actions-scan@main + - name: Run SCANOSS Code Scan + id: scanoss-code-scan-step + uses: scanoss/code-scan-action@main with: policies: copyleft, undeclared #NOTE: undeclared policy requires a sbom.json in the project root dependencies.enabled: true @@ -128,8 +126,8 @@ jobs: - name: Print stdout scan command - run: echo "${{ steps.scanoss-scan-action.outputs.stdout-scan-command }}" + run: echo "${{ steps.scanoss-code-scan-step.outputs.stdout-scan-command }}" - name: Print Results - run: cat "${{ steps.scanoss-scan-action.outputs.result-filepath }}" + run: cat "${{ steps.scanoss-code-scan-step.outputs.result-filepath }}" ``` \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 699eda2..a55199c 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -1,11 +1,11 @@
 {
- "name": "scanoss-actions-scan",
+ "name": "scanoss-code-scan-action",
 "version": "0.1.0",
 "lockfileVersion": 3,
 "requires": true,
 "packages": {
 "": {
- "name": "scanoss-actions-scan",
+ "name": "scanoss-code-scan-action",
 "version": "0.1.0",
 "license": "MIT",
 "dependencies": {
diff --git a/package.json b/package.json
index e2a3e97..fb08c02 100644
--- a/package.json
+++ b/package.json
@@ -1,19 +1,21 @@
 {
- "name": "scanoss-actions-scan",
+ "name": "scanoss-code-scan-action",
 "description": "SCANOSS Action",
 "version": "0.1.0",
- "author": "",
+ "author": "SCANOSS",
 "private": true,
- "homepage": "https://github.com/scanoss/actions-scan/",
+ "homepage": "https://github.com/scanoss/code-scan-action/",
 "repository": {
 "type": "git",
- "url": "git+https://github.com/scanoss/actions-scan.git"
+ "url": "git+https://github.com/scanoss/code-scan-action.git"
 },
 "bugs": {
- "url": "https://github.com/scanoss/actions-scan/issues"
+ "url": "https://github.com/scanoss/code-scan-action/issues"
 },
 "keywords": [
 "actions",
+ "code-scan",
+ "code-scan-action",
 "node",
 "setup"
 ],
diff --git a/sbom.json b/sbom.json
index fce1f09..7f49028 100644
--- a/sbom.json
+++ b/sbom.json
@@ -1,7 +1,7 @@
 {
 "components": [
 {
- "purl": "pkg:github/scanoss/actions-scan"
+ "purl": "pkg:github/scanoss/code-scan-action"
 }
 ]
 }
\ No newline at end of file