diff --git a/README.md b/README.md index bd83042..6aa4f2d 100644 --- a/README.md +++ b/README.md @@ -73,8 +73,8 @@ Configure this action by either inlining these options in your workflow file or | `deny-licenses`* | Contains a list of prohibited licenses. The action will fail on pull requests that introduce dependencies with licenses that match the list. | Any `spdx_id` value(s) from the [Licenses API](https://docs.github.com/en/rest/licenses) | none | | `fail-on-scopes`† | Contains a list of strings of the build environments you want to support. The action will fail on pull requests that introduce vulnerabilities in the scopes that match the list. | `development`, `runtime`, `unknown` | `runtime` | | `allow-ghsas` | Contains a list of GitHub Advisory Database IDs that can be skipped during detection. | Any GHSAs from the [GitHub Advisory Database](https://github.com/advisories) | none | -| `license-check` | Disable the license check performed by the action. | `true`, `false` | `false` | -| `vulnerability-check` | Disable the vulnerability check performed by the action. | `true`, `false` | `false` | +| `license-check` | Enable or disable the license check performed by the action. | `true`, `false` | `false` | +| `vulnerability-check` | Enable or disable the vulnerability check performed by the action. | `true`, `false` | `true` | | `base-ref`/`head-ref` | Provide custom git references for the git base/head when performing the comparison check. This is only used for event types other than `pull_request_target`. | Any valid git ref(s) in your project | none | *not supported for use with GitHub Enterprise Server