From ef53d55083f662a3d59779b57835afb1b59077cc Mon Sep 17 00:00:00 2001 From: willem-delbare <20814660+willem-delbare@users.noreply.github.com> Date: Fri, 5 Apr 2024 16:04:24 +0200 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 63748bb..ba4c453 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ Optional fields: - `fail-on-sast-scan`: Determines whether Aikido should block on new SAST issues. This is available in all [paid plans](https://www.aikido.dev/pricing). - `fail-on-iac-scan`: Determines whether Aikido should block on new Infrastructure as Code issues. This is available in all [paid plans](https://www.aikido.dev/pricing). - `post-scan-status-comment`: Let Aikido post a comment on the PR (when in PR context) with the latest scan status and a link to the scan results. Value can be one of "on", "off" or "only_if_new_findings". When setting this value to "only_if_new_findings" Aikido will only post a comment once new findings are found, and keep it updated afterwards. -- `post-sast-review-comments`: Let Aikido post review comments on the PR (when in PR context) of SAST scan findings and a link to the Aikido platform. Value can be one of "on", "off". +- `post-sast-review-comments`: Let Aikido post review comments on the PR of SAST findings that are above the failure treshold and a link to the Aikido platform. Value can be one of "on", "off". - `github-token`: Must be set only if you want Aikido to post a comment on the PR. If the default `${{ secrets.GITHUB_TOKEN }}` environment token does not have write capabilities, Aikido needs a PAT with specific permissions to read and write comments in a PR.
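Review bot: In the added `post-sast-review-comments` line, "treshold" is misspelled and should read "threshold". The new wording also refers to "the failure threshold" without saying which setting defines it. None of the optional fields visible in this hunk is described as a threshold, so a reader cannot tell which findings will get review comments, or what happens when `fail-on-sast-scan` is not enabled. Suggest naming the controlling input or linking to where the threshold is configured. The rewrite also drops the "(when in PR context)" qualifier that the neighbouring `post-scan-status-comment` entry still carries. Keeping it would leave the two entries consistent and make clear the option has no effect outside a PR. Finally, the `github-token` context line speaks only of posting "a comment on the PR". If review comments need the same write permission, that description should mention them too.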