sbt-dependency-check-action

A GitHub Action that parses DependencyCheck JSON reports, prints the vulnerabilities found, and fails the build if a vulnerability was found.

Primary language: Shell. License: Apache License 2.0.

Usage

The Action takes one configuration parameter:

jsonReportPath

The path to the JSON report file of DependencyCheck. For SBT projects using the default configuration of sbt-dependency-check, the path is target/scala-<version>/sbt-1.0/dependency-check-report.json.

Example

jobs:
  test:
    steps:
      - name: DependencyCheck
        run: sbt -v -Dfile.encoding=UTF-8 dependencyCheck
      - name: Print DependencyCheck Result
        uses: albuch/sbt-dependency-check-action@v1.0
        with:
          jsonReportPath: "target/scala-2.12/sbt-1.0/dependency-check-report.json"
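
The gate this Action performs, sketched as an added example in Python; it is not the Action's own code, which is written in shell. The keys read here (dependencies, fileName, vulnerabilities, name, severity) follow the DependencyCheck JSON report layout; the function names, the exit codes and the sample report are assumptions made for illustration.

```python
import json
import sys
from pathlib import Path


def find_vulnerabilities(report: dict) -> list[tuple[str, str, str]]:
    """Return (dependency file name, vulnerability name, severity) triples."""
    findings = []
    for dep in report.get("dependencies", []):
        # Dependencies without findings carry no "vulnerabilities" key.
        for vuln in dep.get("vulnerabilities", []):
            findings.append((dep.get("fileName", "<unknown>"),
                             vuln.get("name", "<unnamed>"),
                             vuln.get("severity", "UNKNOWN")))
    return findings


def gate(json_report_path: str) -> int:
    """Print findings and return the exit code for the build step."""
    path = Path(json_report_path)
    try:
        report = json.loads(path.read_text(encoding="utf-8"))
    except (OSError, json.JSONDecodeError) as exc:
        # Fail closed: a missing or corrupt report must not look like a clean scan.
        print(f"cannot read report {path}: {exc}", file=sys.stderr)
        return 2
    if not isinstance(report, dict):
        print(f"unexpected report structure in {path}", file=sys.stderr)
        return 2
    findings = find_vulnerabilities(report)
    for file_name, name, severity in findings:
        print(f"{severity:<8} {name}  in {file_name}")
    return 1 if findings else 0


# Constructed sample report (identifiers are placeholders, not real CVEs).
SAMPLE_REPORT = {
    "dependencies": [
        {"fileName": "clean-lib-1.0.jar"},
        {"fileName": "old-lib-0.9.jar",
         "vulnerabilities": [
             {"name": "CVE-0000-0001", "severity": "HIGH"},
             {"name": "CVE-0000-0002", "severity": "MEDIUM"}]},
    ]
}

if __name__ == "__main__":
    # Usage: python gate.py <jsonReportPath>
    sys.exit(gate(sys.argv[1]) if len(sys.argv) == 2 else 2)
```

A missing or unreadable report returns a distinct non-zero code, so a scan step that silently produced no file cannot pass the build.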