https://github.com/codenotary/vcn-notarize-bom-nodejs-github-action
GitHub action that uses the vcn tool from CodeNotary.com to generate and notarize the bill of materials (BoM) for Node.js projects.
https://github.com/codenotary/vcn-notarize-bom-nodejs-github-action
Last synced: 8 months ago
JSON representation
GitHub action that uses the vcn tool from CodeNotary.com to generate and notarize the bill of materials (BoM) for Node.js projects.
- Host: GitHub
- URL: https://github.com/codenotary/vcn-notarize-bom-nodejs-github-action
- Owner: codenotary
- License: apache-2.0
- Created: 2021-08-08T13:46:05.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2021-08-09T09:05:39.000Z (over 4 years ago)
- Last Synced: 2025-02-13T12:54:26.856Z (10 months ago)
- Language: JavaScript
- Size: 12.7 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# vcn-notarize-bom-nodejs-github-action
GitHub action that uses the **[vcn](https://github.com/codenotary/vcn)** tool from CodeNotary.com to generate and notarize the bill of materials (BoM) for [Node.js](https://nodejs.org) projects. It accepts _**package-lock.json**_ files (or directories containing such files) as input.
## How to use it
Have a look in the provided [example workflow](.github/workflows/example.yml).
:bulb: The underlying vcn Docker image can also be run directly (an example is also provided in the same [example workflow](.github/workflows/example.yml)). This way one can **specify any vcn** :boom: flag, not just the ones exposed by the GitHub action.
👉 [This link](https://github.com/marketplace?type=actions&query=publisher%3Acodenotary+) lists all the other GitHub actions that are available from CodeNotary.