@conterra/vuln-scan 0.0.18 → 0.0.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -4
- package/dist/add-project.js +14 -14
- package/dist/add-statement.js +9 -9
- package/dist/remove-project.js +14 -14
- package/dist/schema/conf-schema.json +13 -1
- package/dist/vuln-scan.js +10 -10
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -96,11 +96,18 @@ The following sample lists all available options with their default values:
|
|
|
96
96
|
{
|
|
97
97
|
"$schema": "./node_modules/@conterra/vuln-scan/dist/schema/conf-schema.json",
|
|
98
98
|
|
|
99
|
-
/* Defines if the process should fail or only log a warning.
|
|
100
|
-
If
|
|
101
|
-
|
|
99
|
+
/* Defines if the process should fail or only log a warning or ignore vulnerabilities.
|
|
100
|
+
If "fail" exit 1 is called.
|
|
101
|
+
If "warn" the log statement "##vso[task.complete result=SucceededWithIssues;]NEW_VULNERABILITIES_DETECTED" is issued.
|
|
102
|
+
If "ignore" nothing happens.
|
|
102
103
|
*/
|
|
103
|
-
"
|
|
104
|
+
"onNewVulnerabilities": "fail",
|
|
105
|
+
/* Defines if the process should fail or only log a warning or ignore no longer detected vulnerabilities.
|
|
106
|
+
If "fail" exit 1 is called.
|
|
107
|
+
If "warn" the log statement "##vso[task.complete result=SucceededWithIssues;]NO_LONGER_DETECTED_VULNERABILITIES" is issued.
|
|
108
|
+
If "ignore" nothing happens.
|
|
109
|
+
*/
|
|
110
|
+
"onNoLongerDetectedVulnerabilities": "ignore",
|
|
104
111
|
/* The maven repository to fetch sboms from.
|
|
105
112
|
If the maven repository requires authentication, the environment variables MAVEN_REPO_USER and MAVEN_REPO_PW must be set.
|
|
106
113
|
*/
|