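# Composite action: runs script.sh from the action's own directory and hands
# it the inputs below as LOCKFILE_* environment variables.
name: 'Analyze lockfile dependencies'
description: 'Parse dependencies from the yarn lockfile and run security tests on them'
inputs:
  # Lockfile to analyze. The description says "yarn", but `type` below also
  # lists npm as a lockfile type.
  path:
    description: 'Path to the yarn lockfile'
    required: false
    default: 'yarn.lock'
  # Nothing in this file restricts the value to yarn/npm.
  # NOTE(review): presumably script.sh rejects other values - confirm.
  type:
    description: 'Lockfile type, either yarn or npm'
    default: 'yarn'
    required: false
  # The default lists only the yarn registry host.
  # NOTE(review): callers using type 'npm' probably need to override this with
  # the registry their lockfile resolves from - confirm against script.sh.
  allowedHosts:
    description: 'Allowed hosts for packages resolution'
    required: false
    default: 'https://registry.yarnpkg.com'
  # Empty by default, i.e. no individual URLs are listed unless the caller
  # passes some. Keep this list as short as possible: each entry is an
  # exception to the host check above.
  allowedURLs:
    description: 'Allowed URLs to enable certain specific resources'
    required: false
    default: ''
runs:
  using: 'composite'
  steps:
    # The script path is double-quoted for the shell so that an action
    # directory containing spaces is not word-split by bash.
    - run: '"$GITHUB_ACTION_PATH/script.sh"'
      # Inputs reach the script only through the environment. The `run` string
      # contains no ${{ }} expression, so caller-supplied values are never
      # expanded into the shell command text itself.
      env:
        LOCKFILE_PATH: ${{ inputs.path }}
        LOCKFILE_TYPE: ${{ inputs.type }}
        LOCKFILE_ALLOWED_HOSTS: ${{ inputs.allowedHosts }}
        LOCKFILE_ALLOWED_URLS: ${{ inputs.allowedURLs }}
      shell: bash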