Skip to content

Release v1.0.0 (#65) #55

Release v1.0.0 (#65)

Release v1.0.0 (#65) #55

Workflow file for this run

name: Veracode Scan
on:
push:
branches:
- main
workflow_dispatch:
jobs:
veracode-sast-task:
runs-on: ubuntu-latest
name: Veracode SAST policy scan
steps:
- name: Checkout
uses: actions/checkout@v4
- name: create new package-lock.json
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
npm install
- name: ZIP source folder
run: zip -r app.zip src package-lock.json
- name: Run Veracode Policy scan
uses: veracode/[email protected]
with:
appname: "tsp-toolkit"
createprofile: false
version: ${{ github.sha }}
filepath: "app.zip"
scantimeout: 30
vid: ${{ secrets.VERACODE_API_ID }}
vkey: ${{ secrets.VERACODE_API_KEY }}