Skip to content

Releases: jmservera/spotbugs-github-action

v0.2.0-alpha

26 Oct 13:39
@jmservera jmservera
v0.2.0-alpha
7864e7a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.2.0-alpha Latest
Marketplace
Latest
Marketplace

What's Changed

An effort to generalize the action so it works with Maven, Gradle, etc. and provides a better sarif integration with GitHub.

Enhancements to Input Parameters:

  • Added new input parameters in action.yml for greater configurability, including packages, outputType, dependenciesPath, and basePath, along with updates to existing parameters for clarity.
  • Updated the runs section in action.yml to include environment variables for the new input parameters, ensuring they are passed to the shell script.

Documentation Improvements:

  • Expanded the README.md with detailed descriptions of input parameters, usage examples, and a sample workflow configuration for the SpotBugs GitHub Action.

SpotBugs Execution Enhancements:

  • Refactored analyze.sh to support additional parameters and improve the SpotBugs execution process, including handling different output formats (sarif, xml, html, etc.), package filtering, and dependency management.
Assets 2
Loading

0.1 GitHub Security compatibility

21 Oct 07:39
@jmservera jmservera
v0.1.0-alpha
87124df

Choose a tag to compare

View all tags
0.1 GitHub Security compatibility Pre-release
Pre-release

Generalized version:

  • Choose between different configurations
  • Made SARIF enhancements to help linking the issues to the actual files in GitHub Security
  • Tested with Maven + SARIF only

Full Changelog: https://github.com/jmservera/spotbugs-github-action/commits/v0.1.0-alpha

Loading