sbom-action test project

This is a repository to test the sbom-action

It's possible to run both a branch of syft and a branch of the sbom-action, something like:

# use sbom-action from a different repo with the use-correlator-field branch
- uses: kzantow-anchore/sbom-action@use-correlator-field
with:
  image: alpine:latest
  artifact-name: image.spdx.json
  dependency-snapshot: true
  # instead of using a syft release, use a different repo with the update-github-format branch
  syft-version: https://github.com/kzantow-anchore/syft/archive/refs/heads/update-github-format.zip

To build the app

Builds a web bundle and makes a Docker image.

npm run package

Name		Name	Last commit message	Last commit date
Latest commit History 83 Commits
.github/workflows		.github/workflows
src		src
.gitignore		.gitignore
.syft.yaml		.syft.yaml
Dockerfile		Dockerfile
README.md		README.md
events.svg		events.svg
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

sbom-action test project

To build the app

About

Releases 20

Packages

Languages

kzantow-anchore/sbom-action-test

Folders and files

Latest commit

History

Repository files navigation

sbom-action test project

To build the app

About

Resources

Stars

Watchers

Forks

Releases 20

Packages 0

Languages

Packages