GitHub Action
cocoapods-dependency-submission-action
cocoapods-dependency-submission-action
cocoapods-dependency-submission-action
CocoaPods Lockfile Dependency Submission Action
Installation
Copy and paste the following snippet into your .yml file.
- name: cocoapods-dependency-submission-action
uses: advanced-security/cocoapods-dependency-submission-action@v1.0
cocoapods-dependency-submission-action
This is the CocoaPods Dependency Submission Action which parses CocoaPods Lock files and submits the dependencies to the Dependency Graph Submission API.
Sadly, GitHub's Security Advisory Database does not contain CocoaPods security alert information which means no security vulnerabilities in your dependencies will be reported. This project is mainly to keep your Software Bill of Materials up to date and complete.
Usage
- name: CocoaPods Dependency Submission Action
uses: advanced-security/cocoapods-dependency-submission-action@v1.1
Action Inputs
- name: CocoaPods Dependency Submission Action
uses: advanced-security/cocoapods-dependency-submission-action@v1.1
with:
# [optonal] The path to the Podfile.lock file. Defaults to finding all
# Podfile.lock in the current working directory
cocoapods-lock: "./Podfile.lock"
# [optional] Token used to authenticate with the GitHub API. Defaults to the GITHUB_TOKEN secret.
token: ${{ secrets.ACTIONS_TOKEN }}
Workflow Example
name: Brew Lockfile Dependency Submission Action
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
permissions:
contents: write # needed
jobs:
gradle-lock:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
# ... generate CocoaPods Podfile.lock
- name: CocoaPods Dependency Submission Action
uses: advanced-security/cocoapods-dependency-submission-action@v1.1
License
This project is licensed under the terms of the MIT open source license. Please refer to MIT for the full terms.
Maintainers
Maintained by @GeekMasher.
Support
Please create GitHub issues for any feature requests, bugs, or documentation problems.
Acknowledgement
- @GeekMasher: Author and Maintainer