
Commit 0486897

committed
Update action version, update comment
1 parent 1c6c18c commit 0486897


1 file changed

+4
-3
lines changed


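--- a/code-scanning/fortify.yml
+++ b/code-scanning/fortify.yml
@@ -51,11 +51,11 @@ jobs:
 # configuration options and available sub-actions.
 - name: Run Fortify Scan
 # Specify Fortify GitHub Action version to run. As per GitHub starter workflow requirements, this example
-# uses the commit id corresponding to version 1.5.2. It is recommended to check whether any later releases
+# uses the commit id corresponding to version 1.6.2. It is recommended to check whether any later releases
 # are available at https://github.com/fortify/github-action/releases. Depending on the amount of stability
 # required, you may want to consider using fortify/github-action@v1 instead to use the latest 1.x.y version
 # of this action, allowing your workflows to automatically benefit from any new features and bug fixes.
-uses: fortify/github-action@afb2d9e467caf7c6ad273799fc1b65ac492b0de2
+uses: fortify/github-action@d7cb5974c159fad242153f52f7c6fa4dda065b23
 with:
 sast-scan: true # Run a SAST scan; if not specified or set to false, no SAST scan will be run
 debricked-sca-scan: true # For FoD, run an open-source scan as part of the SAST scan (ignored if SAST scan
@@ -76,7 +76,8 @@ jobs:
 # FOD_RELEASE: MyApp:MyRelease # FoD release name, default: <org>/<repo>:<branch>
 # DO_SETUP: true # Setup FoD application, release & static scan configuration
 # SETUP_ACTION: <URL or file> # Customize setup action
-# SETUP_EXTRA_OPTS: --on-unsigned=ignore # Pass extra options to setup action
+# Pass extra options to setup action:
+# SETUP_EXTRA_OPTS: --copy-from "${{ github.repository }}:${{ github.event.repository.default_branch }}"
 # PACKAGE_EXTRA_OPTS: -oss -bt mvn # Extra 'scancentral package' options
 # FOD_SAST_SCAN_EXTRA_OPTS: # Extra 'fcli fod sast-scan start' options
 # DO_WAIT: true # Wait for successful scan completion (implied if post-scan actions enabled)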
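Review bot: The new pin on the `uses:` line is a bare commit id, and the only thing tying it to release 1.6.2 is the prose comment four lines above, so the two can drift apart on the next bump and a reader cannot tell from the pin itself which release it is meant to be. Keeping the version beside the pin, `uses: fortify/github-action@d7cb5974c159fad242153f52f7c6fa4dda065b23 # v1.6.2`, makes the claim checkable against the releases page and is the form automated updaters maintain; nothing on this page shows that the SHA is the 1.6.2 release commit, so that should be confirmed before merge. The unchanged comment above still suggests `fortify/github-action@v1`; a sentence there noting that a moving tag lets the action's code change without review, in a job that presumably holds the Fortify credentials, would give readers the trade-off rather than only the benefit. The step continues outside the shown hunks.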
