An open API service indexing awesome lists of open source software.

https://github.com/clj-holmes/clj-watson-action

clj-watson action
https://github.com/clj-holmes/clj-watson-action

clojure dependency sca security

Last synced: about 5 hours ago
JSON representation

clj-watson action

Awesome Lists containing this project

README

          

# clj-watson action

Action to execute [clj-watson](https://github.com/clj-holmes/clj-watson) security dependency scan in Clojure/Clojurescript projects.

# Getting Started
Simply add the following snippet to your GitHub actions workflow.
```yaml
- name: Dependencies scan
uses: clj-holmes/clj-watson-action@main
```

## Options
It's also possible to specify the following options:
- clj-watson-sha [Required]
- clj-watson-tag [Required]
- aliases (separated by comma)
- database-strategy (github-advisory or dependency-check)
- deps-edn-path [Required]
- dependency-check-properties [Default: default property file]
- output-type (json, edn or stdout) [Default: stdout]
- fail-on-result (true or false) [Default: false]
- suggest-fix (true or false) [Default: false]
- output-file [Default: nil]

```yaml
- name: Dependency scan
uses: clj-holmes/clj-watson-action@main
with:
clj-watson-sha: "9972a33"
clj-watson-tag: "v4.0.0"
database-strategy: github-advisory
aliases: clojure-lsp,test
deps-edn-path: 'deps.edn'
output-type: 'stdout-simple'
suggest-fix: 'true'
fail-on-result: 'true'
output-file: result.txt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```