Release: 1.1.0

action.yml

@@ -1,12 +1,54 @@
 name: 'Sonatype GitHub Actions'
-description: 'A set of Sonatype actions for checking your applications for vulnerabilities'
+description: 'A set of actions to identify vulnerabilities in your workflows using Sonatype''s security solutions.'
+
 author: 'Sonatype'
 
 branding:
   icon: 'shield'
   color: 'purple'
 
+# Define your inputs here.
+inputs:
+  iq-server-url:
+    description: 'Lifecycle (IQ Server) URL (e.g. http://localhost:8070).'
+    required: true
+  username:
+    description: 'The username to authenticate with Lifecycle (IQ Server).'
+    required: true
+  password:
+    description: 'The password to authenticate with Lifecycle (IQ Server).'
+    required: true
+  application-id:
+    description:
+      'Lifecycle (IQ Server) application ID. When Automatic Applications is enabled and the application ID has not yet
+      been used, a new application will be created with the given ID.'
+    required: true
+  scan-targets:
+    description:
+      'Space-separated list of paths to specific files, directories, or docker images. Apache Ant-styled patterns are
+      allowed.'
+    required: true
+
+# Define your outputs here.
+outputs:
+  scan-id:
+    value: ${{ steps.evaluate.outputs.scan-id }}
+    description:
+      'Scan id result of the run operation. It can be used to access the Lifecycle report of related artifacts.'
+  report-url:
+    value: ${{ steps.evaluate.outputs.report-url }}
+    description: 'Link to navigate directly to the analysis report in Lifecycle (IQ Server).'
+
 runs:
   using: 'composite'
   steps:
-    - uses: sonatype/actions/evaluate@v1
+    - name: Evaluate
+      id: evaluate
+      uses: sonatype/actions/[email protected]
+      with:
+        iq-server-url: ${{ inputs.iq-server-url }}
+        username: ${{ inputs.username }}
+        password: ${{ inputs.password }}
+        application-id: ${{ inputs.application-id }}
+        scan-targets: ${{ inputs.scan-targets }}
+

evaluate/action.yml

@@ -119,7 +119,7 @@ runs:
   steps:
     - name: Setup IQ CLI Action
       id: setup-iq-cli
-      uses: sonatype/actions/setup-iq-cli@v1.0.6-beta
+      uses: sonatype/actions/setup-iq-cli@v1.1.0
       with:
         iq-cli-version: 'latest'
 
@@ -130,7 +130,7 @@ runs:
 
     - name: Run IQ CLI Action
       id: run-iq-cli
-      uses: sonatype/actions/run-iq-cli@v1.0.6-beta
+      uses: sonatype/actions/run-iq-cli@v1.1.0
       with:
         iq-cli-version: ${{ steps.setup-iq-cli.outputs.iq-cli-version }}
         username: ${{ inputs.username }}

fetch-sbom/dist/index.js

@@ -143569,7 +143569,7 @@ module.exports = index;
 /***/ ((module) => {
 
 "use strict";
-module.exports = JSON.parse('{"name":"fetch-sbom","description":"GitHub Action for obtaining an SBOM","version":"1.0.6-beta","author":"sonatype","private":true,"homepage":"https://github.com/sonatype/actions/fetch-sbom","repository":{"type":"git","url":"git+https://github.com/sonatype/actions/fetch-sbom.git"},"bugs":{"url":"https://github.com/sonatype/actions/fetch-sbom/issues"},"keywords":["actions","node","setup"],"exports":{".":"./dist/index.js"},"engines":{"node":">=20"},"scripts":{"bundle":"npm run format:write && npm run package","ci-test":"npx jest","coverage":"npx make-coverage-badge --output-path ./badges/coverage.svg","format:write":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --write .","format:check":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --check .","lint":"npx eslint . -c ../.github/linters/.eslintrc.yml --ignore-path ../.eslintignore","package":"npx ncc build src/index.ts -o dist --source-map --license licenses.txt","package:watch":"npm run package -- --watch","test":"npx jest","all":"npm run format:write && npm run lint && npm run test && npm run coverage && npm run package"},"license":"SEE LICENSE IN LICENSE","jest":{"preset":"ts-jest","verbose":true,"clearMocks":true,"testEnvironment":"node","moduleFileExtensions":["js","ts"],"testMatch":["**/*.test.ts"],"testPathIgnorePatterns":["/node_modules/","/dist/"],"transform":{"^.+\\\\.ts$":"ts-jest"},"coverageReporters":["json-summary","text","lcov"],"collectCoverage":true,"collectCoverageFrom":["./src/**"],"reporters":["default",["jest-junit",{"suiteName":"fetch-sbom unit tests","titleTemplate":"{title}","outputName":"fetch-sbom-test-results.xml","ancestorSeparator":" > "}]]},"dependencies":{"@actions/artifact":"^2.1.7","@actions/github":"^6.0.0","@actions/tool-cache":"^2.0.1","@github/dependency-submission-toolkit":"^2.0.4","axios":"^1.7.2"}}');
+module.exports = JSON.parse('{"name":"fetch-sbom","description":"GitHub Action for obtaining an SBOM","version":"1.1.0","author":"sonatype","private":true,"homepage":"https://github.com/sonatype/actions/fetch-sbom","repository":{"type":"git","url":"git+https://github.com/sonatype/actions/fetch-sbom.git"},"bugs":{"url":"https://github.com/sonatype/actions/fetch-sbom/issues"},"keywords":["actions","node","setup"],"exports":{".":"./dist/index.js"},"engines":{"node":">=20"},"scripts":{"bundle":"npm run format:write && npm run package","ci-test":"npx jest","coverage":"npx make-coverage-badge --output-path ./badges/coverage.svg","format:write":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --write .","format:check":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --check .","lint":"npx eslint . -c ../.github/linters/.eslintrc.yml --ignore-path ../.eslintignore","package":"npx ncc build src/index.ts -o dist --source-map --license licenses.txt","package:watch":"npm run package -- --watch","test":"npx jest","all":"npm run format:write && npm run lint && npm run test && npm run coverage && npm run package"},"license":"SEE LICENSE IN LICENSE","jest":{"preset":"ts-jest","verbose":true,"clearMocks":true,"testEnvironment":"node","moduleFileExtensions":["js","ts"],"testMatch":["**/*.test.ts"],"testPathIgnorePatterns":["/node_modules/","/dist/"],"transform":{"^.+\\\\.ts$":"ts-jest"},"coverageReporters":["json-summary","text","lcov"],"collectCoverage":true,"collectCoverageFrom":["./src/**"],"reporters":["default",["jest-junit",{"suiteName":"fetch-sbom unit tests","titleTemplate":"{title}","outputName":"fetch-sbom-test-results.xml","ancestorSeparator":" > "}]]},"dependencies":{"@actions/artifact":"^2.1.7","@actions/github":"^6.0.0","@actions/tool-cache":"^2.0.1","@github/dependency-submission-toolkit":"^2.0.4","axios":"^1.7.2"}}');
 
 /***/ }),
 

run-iq-cli/dist/index.js

@@ -140841,7 +140841,7 @@ module.exports = JSON.parse('[[[0,44],"disallowed_STD3_valid"],[[45,46],"valid"]
 /***/ ((module) => {
 
 "use strict";
-module.exports = JSON.parse('{"name":"run-iq-cli","description":"GitHub Action to run IQ cli","version":"1.0.6-beta","author":"sonatype","private":true,"homepage":"https://github.com/sonatype/actions/run-iq-cli","repository":{"type":"git","url":"git+https://github.com/sonatype/actions/run-iq-cli.git"},"bugs":{"url":"https://github.com/sonatype/actions/run-iq-cli/issues"},"keywords":["actions","node","setup"],"exports":{".":"./dist/index.js"},"engines":{"node":">=20"},"scripts":{"bundle":"npm run format:write && npm run package","ci-test":"npx jest","coverage":"npx make-coverage-badge --output-path ./badges/coverage.svg","format:write":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --write .","format:check":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --check .","lint":"npx eslint . -c ../.github/linters/.eslintrc.yml --ignore-path ../.eslintignore","package":"npx ncc build src/index.ts -o dist --source-map --license licenses.txt","package:watch":"npm run package -- --watch","test":"npx jest","all":"npm run format:write && npm run lint && npm run test && npm run coverage && npm run package"},"license":"SEE LICENSE IN LICENSE","jest":{"preset":"ts-jest","verbose":true,"clearMocks":true,"testEnvironment":"node","moduleFileExtensions":["js","ts"],"testMatch":["**/*.test.ts"],"testPathIgnorePatterns":["/node_modules/","/dist/"],"transform":{"^.+\\\\.ts$":"ts-jest"},"coverageReporters":["json-summary","text","lcov"],"collectCoverage":true,"collectCoverageFrom":["./src/**"],"reporters":["default",["jest-junit",{"suiteName":"run-iq-cli unit tests","titleTemplate":"{title}","outputName":"run-iq-cli-test-results.xml","ancestorSeparator":" > "}]]},"dependencies":{"@actions/artifact":"^2.1.7","@actions/exec":"^1.1.1","@actions/glob":"^0.4.0","@actions/tool-cache":"^2.0.1","axios":"^1.7.7","semver":"^7.6.3"}}');
+module.exports = JSON.parse('{"name":"run-iq-cli","description":"GitHub Action to run IQ cli","version":"1.1.0","author":"sonatype","private":true,"homepage":"https://github.com/sonatype/actions/run-iq-cli","repository":{"type":"git","url":"git+https://github.com/sonatype/actions/run-iq-cli.git"},"bugs":{"url":"https://github.com/sonatype/actions/run-iq-cli/issues"},"keywords":["actions","node","setup"],"exports":{".":"./dist/index.js"},"engines":{"node":">=20"},"scripts":{"bundle":"npm run format:write && npm run package","ci-test":"npx jest","coverage":"npx make-coverage-badge --output-path ./badges/coverage.svg","format:write":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --write .","format:check":"npx prettier --config ../.prettierrc.json --ignore-path ../.prettierignore --check .","lint":"npx eslint . -c ../.github/linters/.eslintrc.yml --ignore-path ../.eslintignore","package":"npx ncc build src/index.ts -o dist --source-map --license licenses.txt","package:watch":"npm run package -- --watch","test":"npx jest","all":"npm run format:write && npm run lint && npm run test && npm run coverage && npm run package"},"license":"SEE LICENSE IN LICENSE","jest":{"preset":"ts-jest","verbose":true,"clearMocks":true,"testEnvironment":"node","moduleFileExtensions":["js","ts"],"testMatch":["**/*.test.ts"],"testPathIgnorePatterns":["/node_modules/","/dist/"],"transform":{"^.+\\\\.ts$":"ts-jest"},"coverageReporters":["json-summary","text","lcov"],"collectCoverage":true,"collectCoverageFrom":["./src/**"],"reporters":["default",["jest-junit",{"suiteName":"run-iq-cli unit tests","titleTemplate":"{title}","outputName":"run-iq-cli-test-results.xml","ancestorSeparator":" > "}]]},"dependencies":{"@actions/artifact":"^2.1.7","@actions/exec":"^1.1.1","@actions/glob":"^0.4.0","@actions/tool-cache":"^2.0.1","axios":"^1.7.7","semver":"^7.6.3"}}');
 
 /***/ })