Awesome
<div align="center"> <h1>brew-dependency-submission-action</h1> </div>Overview
This is the Brew / Homebrew Dependency Submission Action which parses Homebrew files and submits the dependencies to the Dependency Graph Submission API.
This means thats GitHub's Dependabot can use the Homebrew to check for security vulnerabilities in your dependencies and keeping your Software Bill of Materials up to date.
Usage
- name: Brew Lockfile Dependency Submission Action
uses: advanced-security/brew-dependency-submission-action@v1.1.0
Action Inputs
- name: Brew Lockfile Dependency Submission Action
uses: advanced-security/brew-dependency-submission-action@v1.1.0
with:
# [optonal] The path to the Brewfile.lock.json file. Defaults to finding all Brewfile.lock.json in the current
# working directory
brew-lock: "./Brewfile.lock.json"
# [optional] Token used to authenticate with the GitHub API. Defaults to the GITHUB_TOKEN secret.
token: ${{ secrets.ACTIONS_TOKEN }}
Workflow Example
name: Brew Lockfile Dependency Submission Action
on:
push:
branches: [main]
pull_request:
branches: [main]
permissions:
contents: write # needed
jobs:
gradle-lock:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
# ... generate Brew lockfile
- name: Brew Lockfile Dependency Submission Action
uses: advanced-security/brew-dependency-submission-action@v1.1.0
License
This project is licensed under the terms of the MIT open source license. Please refer to MIT for the full terms.
Maintainers
Maintained by @GeekMasher.
Support
Please create GitHub issues for any feature requests, bugs, or documentation problems.
Acknowledgement
- @GeekMasher: Author and Maintainer