action.yaml

name: 'clj-watson (Clojure)'
author: 'clj-holmes'
description: 'Executes clj-watson dependency security scan in clojure/clojurescript projects.'
inputs:
  clj-watson-tag:
    description: "clj-watson release tag"
    required: true

  clj-watson-sha:
    description: "clj-watson release sha"
    required: true

  deps-edn-path:
    description: 'path to the deps.edn file to be scanned'
    required: true

  aliases:
    description: 'aliases to be scanned alongside with the root deps. (separete which one using comma)'
    required: false

  dependency-check-properties:
    description: 'path of a dependency-check properties file. If not provided uses resources/dependency-check.properties.'
    required: false

  database-strategy:
    description: 'vulnerability database strategy, dependency-check or github-advisory'
    required: false

  output-type:
    description: 'Output type'
    required: false
    default: 'stdout'

  output-file:
    description: 'Output file'
    required: false

  fail-on-result:
    description: 'Enable or disable fail if results were found'
    required: false

  suggest-fix:
    description: 'Suggest a new deps.edn file fixing all vulnerabilities found.'
    required: false

  path:
    description: 'Directory to run clj-watson on.'
    required: false

runs:
  using: 'docker'
  image: 'Dockerfile'
  args:
    - ${{ inputs.clj-watson-tag }}
    - ${{ inputs.clj-watson-sha }}
    - ${{ inputs.deps-edn-path }}
    - ${{ inputs.aliases }}
    - ${{ inputs.dependency-check-properties }}
    - ${{ inputs.output-type }}
    - ${{ inputs.fail-on-result }}
    - ${{ inputs.suggest-fix }}
    - ${{ inputs.database-strategy }}
    - ${{ inputs.output-file }}
    - ${{ inputs.path }}

branding:
  color: gray-dark
  icon: shield