Compare commits

...

3 Commits

Author SHA1 Message Date
Federico Builes 651d22c5d5 Revert default values in action.yml to fix external configs. 2024-03-22 08:29:26 +01:00
Eli Reisman 02b13f6b52 Merge pull request #721 from sporkmonger/patch-1
Typo fixes in README
2024-03-21 17:18:11 -07:00
Bob Aman 6e0fa26ac3 Typo fixes
Fixed a couple spelling errors.
2024-03-21 16:37:36 -07:00
2 changed files with 11 additions and 8 deletions
+1 -1
View File
@@ -171,7 +171,7 @@ The Dependency Review GitHub Action check will only block a pull request from be
> Action outputs are unicode strings [with a 1MB size limit](https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#outputs-for-docker-container-and-javascript-actions).
> [!IMPORTANT]
> If you use these outputs in a run-step, you must store the ouput data in an envrioment variable instead of using the output directly. Using an output directly might break shell scripts. For example:
> If you use these outputs in a run-step, you must store the output data in an environment variable instead of using the output directly. Using an output directly might break shell scripts. For example:
>
> ```yaml
> env:
+10 -7
View File
@@ -1,5 +1,13 @@
# Avoid using default values for options here since they will
# end up overriding external configurations.
# IMPORTANT
#
# Avoid setting default values for configuration options in
# this file, they will overwrite external configurations.
#
# If you are trying to find out the default value for a config
# option please take a look at the README or src/schemas.ts.
#
# If you are adding an option, make sure the Zod definition
# contains a default value.
name: 'Dependency Review'
description: 'Prevent the introduction of dependencies with known vulnerabilities'
author: 'GitHub'
@@ -56,23 +64,18 @@ inputs:
retry-on-snapshot-warnings:
description: Whether to retry on snapshot warnings
required: false
default: false
retry-on-snapshot-warnings-timeout:
description: Number of seconds to wait before stopping snapshot retries.
required: false
default: 120
warn-only:
description: When set to `true` this action will always complete with success, overriding the `fail-on-severity` parameter.
required: false
default: false
show-openssf-scorecard:
description: Show a summary of the OpenSSF Scorecard scores.
required: false
default: true
warn-on-openssf-scorecard-level:
description: Numeric threshold for the OpenSSF Scorecard score. If the score is below this threshold, the action will warn you.
required: false
default: 3
outputs:
comment-content:
description: Prepared dependency report comment