Software Composition Analysis (SCA) GitHub Workflow

The software-composition-analysis (SCA) workflow performs Software Composition Analysis (SCA) to detect vulnerabilities in your project's dependencies. It scans your software for outdated or vulnerable third-party libraries, helping you manage risks early in the development process.

The sca workflow accepts the following inputs:

Name	Description	Required	Default Value
`api-url`	URL of the DevGuard API	No	`https://api.devguard.org`
`asset-name`	Name of the asset to be scanned	Yes
`path`	Path to the source code to be scanned	No	`.`

Usage Example:

Here's an example of how to call this reusable workflow from another workflow file:

GitHub Workflows Reference
GitLab Components Reference
DevGuard Reference

Software Composition Analysis (SCA) GitHub Workflow#

Usage Example:#

Related Documentation#

Have feedback? We want to hear from you!

Software Composition Analysis (SCA) GitHub Workflow

Usage Example:

Related Documentation