Add GitHub Enterprise Server support
Opened this issue · 2 comments
The Action uses Octokit to download microsoft/component-detection
but does not specify that it should be from github.com
. This means use on GitHub Enterprise Server leads to trying to resolve that org/repo on the local server, which fails with a 404.
You can work around this by manually downloading the appropriate release binary in the Actions workflow before running this Action, e.g. with wget
.
It then attempts to submit using the Dependency Submission Toolkit. I haven't worked out precisely why, but this fails with a Cannot read properties of null (reading 'toString')
error in the toolkit.
@advanced-security/advanced-security-dependency-graph Can you have a look?
@jhutchings1 afaict the dependency graph team has never contributed to this project but i've asked FR to take a look