report-vulns/README.md


2025-03-31 15:49:50 -04:00
# report-vulns
A very simple action to check for vulnerabilities in projects during workflows
## Usage
Use a tagged release to avoid unexpected changes that may come to the master branch
```yaml
name: "security checkpoint"
# Replace master with a tagged release, as recommended above
uses: https://code.jakeyoungdev.com/actions/report-vulns@master
with:
  manager: npm
  panic: no
```
### Inputs
Some inputs are supplied for better customization
|Input|Required|Values|Default|Description|
|---|---|---|---|---|
|manager|required|go/npm|.|Package manager to use for scan|
|panic|optional|yes/no|yes|Determines whether or not the job fails when vulnerabilities are found|
## Requirements
Package managers like Go and Node must be installed before running this action
## Managers
The default or "built-in" vulnerability scanner will be used for each package manager
|Package Manager|Vulnerability Scanner|
|---|---|
|npm|npm audit|
|go|govulncheck|
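
A complete workflow that installs the package manager before calling the action, as the Requirements section asks. This is an added example, not part of the project's own documentation; the runner label, the `actions/checkout` and `actions/setup-go` steps and the `<tag>` placeholder are assumptions.

```yaml
# Added example workflow. Runner label and setup steps are assumptions,
# not taken from this README.
name: security
on: [push, pull_request]

jobs:
  vulns:
    runs-on: ubuntu-latest          # assumed runner label
    steps:
      - uses: actions/checkout@v4
      # Requirement from this README: the package manager must be installed first
      - uses: actions/setup-go@v5
        with:
          go-version: stable
      - name: "security checkpoint"
        # <tag> is a placeholder: substitute a tagged release of the action
        uses: https://code.jakeyoungdev.com/actions/report-vulns@<tag>
        with:
          manager: go               # scanned with govulncheck (see Managers)
          panic: yes                # default: the job fails when vulnerabilities are found
```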