Code Risk Identification GitHub Workflow
This workflow identifies potential security vulnerabilities in your codebase. It takes a SARIF file (the standard output format of static analysis scanners) as input, analyzes the findings it contains, and helps ensure that all code is secure and up to date.
The code-risk-identification workflow accepts the following inputs:
| Name | Description | Required | Default Value |
|---|---|---|---|
| api-url | URL of the DevGuard API | No | https://api.devguard.org |
| asset-name | Name of the asset to be scanned | Yes | |
| sarif-file | Path to the SARIF file to be scanned | Yes | sbom.json |
| sarif-artifact-name | Name of the SBOM artifact to be downloaded | No | '' |
Usage Examples:
If you have the SARIF file in the repository:
If you have the SARIF file in an artifact from a previous job, you need to upload the artifact first:
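The artifact-based setup described above, as an added example that is not part of the original page or the project's own workflows. It assumes a scanner that emits SARIF (semgrep is used here as one concrete choice), an artifact name of `sarif-report`, a constructed `asset-name`, and that the `uses:` path (`OWNER/REPO/...@REF`) is a placeholder you replace with the repository and ref hosting the `code-risk-identification` workflow; it also assumes `sarif-file` is resolved inside the downloaded artifact.

```yaml
name: code-risk-identification

on:
  push:
    branches: [main]
  pull_request:

# Least privilege: the scan job only needs read access to the repository.
permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Any scanner that writes SARIF works here; semgrep is one example.
      # Findings are written to results.sarif in the workspace.
      - name: Run static analysis
        run: |
          pip install semgrep
          semgrep scan --config auto --sarif --output results.sarif

      # The artifact name chosen here must match sarif-artifact-name below.
      - uses: actions/upload-artifact@v4
        with:
          name: sarif-report
          path: results.sarif

  code-risk:
    needs: scan
    # Placeholder: replace OWNER/REPO and REF with the repository and ref
    # that hosts the code-risk-identification reusable workflow.
    uses: OWNER/REPO/.github/workflows/code-risk-identification.yml@REF
    with:
      asset-name: my-org/my-project       # constructed sample value
      sarif-file: results.sarif           # path inside the artifact (assumption)
      sarif-artifact-name: sarif-report   # artifact uploaded by the scan job
      # api-url is omitted, so the default https://api.devguard.org applies.
```

If the SARIF file is already committed to the repository, drop the `scan` job and `sarif-artifact-name` and point `sarif-file` at the committed path instead.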