20 lines
615 B
YAML
20 lines
615 B
YAML
name: "report-vulns"
|
|
description: "Check for vulnerabilities in go and node apps"
|
|
inputs:
|
|
manager:
|
|
description: "which auditing system to use, based on package manager. Available options are: (go|npm)"
|
|
required: true
|
|
default: "."
|
|
panic:
|
|
description: "determines whether the workflow fails when vulnerabilities are found: (yes|no)"
|
|
required: true
|
|
default: "yes"
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: "run script"
|
|
shell: bash
|
|
run: ${{ github.action_path }}/security.sh
|
|
env:
|
|
PACKAGE_MANAGER: ${{ inputs.manager }}
|
|
ERROR_ON_VULN: ${{ inputs.panic }} |