mirrors/90DaysOfDevOps
1
0
Fork 0
mirror of https://github.com/MichaelCade/90DaysOfDevOps.git synced 2024-12-22 15:53:11 +07:00
Code Issues Packages Projects Releases Wiki Activity

Day 11: SCA Implementation with OWASP Dependency Check

Browse Source
This commit is contained in:
Prateek Jain 2023-01-08 19:13:49 +05:30
parent 341e63dc01
commit 0958dd3976
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2023/day11.md
View File

@ -14,7 +14,7 @@ It is important to note that OWASP Dependency Check is not a replacement for sec
### Integrate Dependency Check with GitHub Actions
To use Dependency Check with GitHub Actions, you can create a workflow file in your repository's **`.github/workflows`**directory. Here is an example workflow that runs Dependency Check on every push to the **`main`**branch:
To use Dependency Check with GitHub Actions, you can create a workflow file in your repository's `.github/workflows` directory. Here is an example workflow that runs Dependency Check on every push to the `main` branch:
```yaml
name: Dependency-Check
@ -48,10 +48,10 @@ jobs:
This workflow does the following:
1. Defines a workflow called **`Dependency-Check`** that runs on every push to the **`main`** branch.
2. Specifies that the workflow should run on the **`ubuntu-latest`** runner.
1. Defines a workflow called `Dependency-Check` that runs on every push to the `main` branch.
2. Specifies that the workflow should run on the `ubuntu-latest` runner.
3. Downloads and installs Dependency Check.
4. Runs Dependency Check on the current directory (**`.`**) and generate a report in report.html file.
4. Runs Dependency Check on the current directory (`.`) and generate a report in report.html file.
5. Removes the downloaded Dependency Check files.
6. Upload the report file as artifacts.