{"id":21000748,"url":"https://github.com/phylum-dev/install-phylum-latest-action","last_synced_at":"2025-05-14T23:31:55.025Z","repository":{"id":41865987,"uuid":"446565504","full_name":"phylum-dev/install-phylum-latest-action","owner":"phylum-dev","description":"GitHub Action to install phylum CLI tool","archived":false,"fork":false,"pushed_at":"2023-11-14T22:26:44.000Z","size":36,"stargazers_count":0,"open_issues_count":1,"forks_count":1,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-01-28T01:53:11.006Z","etag":null,"topics":["dependencies","open-source-security","risk-analysis","sca","security","security-analysis","supply-chain-security"],"latest_commit_sha":null,"homepage":"https://phylum.io","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/phylum-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2022-01-10T20:04:42.000Z","updated_at":"2022-04-26T18:14:25.000Z","dependencies_parsed_at":"2024-01-10T17:53:07.152Z","dependency_job_id":null,"html_url":"https://github.com/phylum-dev/install-phylum-latest-action","commit_stats":{"total_commits":18,"total_committers":6,"mean_commits":3.0,"dds":0.6111111111111112,"last_synced_commit":"f9d03a322fa259ab428197f5a2681b589b689460"},"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phylum-dev%2Finstall-phylum-latest-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phylum-dev%2Finstall-phylum-latest-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phylum-dev%2Finstall-phylum-latest-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/phylum-dev%2Finstall-phylum-latest-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/phylum-dev","download_url":"https://codeload.github.com/phylum-dev/install-phylum-latest-action/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225316361,"owners_count":17455232,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dependencies","open-source-security","risk-analysis","sca","security","security-analysis","supply-chain-security"],"created_at":"2024-11-19T08:12:11.372Z","updated_at":"2024-11-19T08:12:12.313Z","avatar_url":"https://github.com/phylum-dev.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# install-phylum-latest-action\nA GitHub Action to install the latest version of the Phylum [command-line tool](https://github.com/phylum-dev/cli).\n\nThis action enables users to download, install, and configure the Phylum command-line interface (CLI) tool for use.\nThe Phylum CLI tool allows users to submit their project package dependencies to Phylum's API for analysis.\n\nPhylum provides a complete risk analyis of \"open-source packages\" (read: untrusted software from random Internet\nstrangers). Phylum evolved forward from legacy SCA tools to defend from supply-chain malware, malicious open-source\nauthors, and engineering risk, in addition to software vulnerabilities and license risks. To learn more, please see\n[our website](https://phylum.io).\n\n## Features\n- can be used by other GitHub Actions to set Phylum up in the environment\n\n## Getting Started\nThis is a sample workflow using this action.\n\n```yaml\non: [push]\n\njobs:\n  test_install_phylum_job:\n    runs-on: ubuntu-latest\n    name: A job to test phylum\n    steps:\n      - uses: actions/checkout@v2\n      - id: phylum-test\n        uses: phylum-dev/install-phylum-latest-action@v1\n        with:\n          phylum_token: ${{ secrets.PHYLUM_TOKEN }}\n\n      - name: Run phylum to test auth with token\n        shell: bash\n        run: |\n          phylum project\n```\n\n### Requirements\n- active Phylum account ([Register here](https://app.phylum.io/auth/registration))\n- a Linux runner (e.g., `runs-on: ubuntu-*` for the GitHub hosted runners)\n  - technically, the runner just needs to match the `x86_64-unknown-linux-musl` Rust target\n- mandatory inputs:\n  - `phylum_token` - the API authentication token for your account\n- optional inputs:\n  - `phylum_version` - a specific version of the Phylum CLI to install\n    - NOTE: when not specified, the `latest` version will be installed\n    - NOTE: the Phylum CLI 2.0.0 release changed the way the artifacts are packaged and released, which means this\n            option should **NOT specify a version less than 2.0.0**\n\n### License\n\nCopyright (C) 2022  Phylum, Inc.\n\nThis program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public\nLicense as published by the Free Software Foundation, either version 3 of the License or any later version.\n\nThis program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied\nwarranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License along with this program.\nIf not, see \u003chttps://www.gnu.org/licenses/gpl.html\u003e or write to `phylum@phylum.io` or `engineering@phylum.io`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphylum-dev%2Finstall-phylum-latest-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphylum-dev%2Finstall-phylum-latest-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphylum-dev%2Finstall-phylum-latest-action/lists"}