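Scanoss GitHub Actions adds Dependency Track integration
2 points • by scanosss • 8 months ago
The SCANOSS GitHub Actions integration has been extended to support Dependency Track.
This update lets you:
– Convert scan results into CycloneDX SBOMs
– Upload results as artifacts
– Apply Dependency Track policies directly in the workflow
The same capabilities are also supported in the SCANOSS Python CLI:
scanoss-py export dt
scanoss-py ins dt
Repo → https://github.com/scanoss/gha-code-scan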