https://github.com/scanoss/ado-code-scan
Azure DevOps Code Scan Extension Task
https://github.com/scanoss/ado-code-scan
Last synced: 3 months ago
JSON representation
Azure DevOps Code Scan Extension Task
- Host: GitHub
- URL: https://github.com/scanoss/ado-code-scan
- Owner: scanoss
- License: mit
- Created: 2024-05-27T11:08:02.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2026-02-10T11:50:01.000Z (4 months ago)
- Last Synced: 2026-02-10T16:18:18.824Z (4 months ago)
- Language: TypeScript
- Homepage: https://marketplace.visualstudio.com/items?itemName=SCANOSS.scanoss-code-scan
- Size: 1.7 MB
- Stars: 1
- Watchers: 3
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
# Azure DevOps Code Scan Task
The SCANOSS Code Scan task enhances your software development process by automatically scanning your code for security vulnerabilities and license compliance with configurable policies.
# Usage
### Installation Instructions
To install the SCANOSS Code Scan task, please consult the Visual Studio Marketplace guide [here](https://marketplace.visualstudio.com/items?itemName=SCANOSS.scanoss-code-scan).
### Detailed Information
For more detailed usage instructions, please refer to the [OVERVIEW.md](OVERVIEW.md) document.
# Development Guide
This guide provides step-by-step instructions for deploying a new package for your project. Ensure all steps are followed to maintain version consistency and successful deployment.
### Prerequisites
- **Node.js**: Ensure Node.js and npm are installed.
- **Azure DevOps Extension Tool (tfx)**: Install the TFS cross-platform command-line interface (`tfx`).
- **jq**: Install `jq` for JSON processing.
### Installation
Run the following command to install the project dependencies:
``` bash
make install
```
### Tests
Before building the app, run test suites.
``` bash
make test
```
# Publish
## Development
### Update Version for Publishing
To streamline the app versioning process for development:
1. Update the version in the **package.json** file.
### Building the App for Development
To build the app for a development environment:
```bash
make package_dev
```
### macOS (ARM64) Building for Development
For macOS users with ARM64 architecture, run the following command:
```bash
make package_dev_mac_arm64
```
For more details see the following [issue](https://github.com/microsoft/tfs-cli/issues/414).
### Publish the App to Development
1. Generate a publishing token. For instructions on how to generate the token, refer to [Publish from the Command Line](https://learn.microsoft.com/en-us/azure/devops/extend/publish/command-line?view=azure-devops).
2. Publish the app using the following command:
```
tfx extension publish --manifest-globs vss-extension-dev.json --publisher SCANOSS --token $MSFT_PERSONAL_ACCESS_TOKEN
```
## Production
### Update Version for Publishing
1. Ensure that the version in the **package.json** file is updated.
2. Build the app with the following command:
```bash
make upgrade_version
```
### Build the App for Production
To build the app for the production environment, run:
```bash
make package
```
### Publish the App to Production
1. Generate a publishing token. For instructions on how to generate the token, refer to [Publish from the Command Line](https://learn.microsoft.com/en-us/azure/devops/extend/publish/command-line?view=azure-devops).
2. Publish the app using the following command:
```
tfx extension publish --manifest-globs vss-extension.json vss-extension-release.json --publisher SCANOSS --token $MSFT_PERSONAL_ACCESS_TOKEN
```