Skip to content

build(jfrog): add missing checkout step #2

build(jfrog): add missing checkout step

build(jfrog): add missing checkout step #2

name: "Frogbot Scan Pull Request"
on:
push:
workflow_dispatch:
permissions:
pull-requests: write
contents: read
jobs:
scan-pull-request:
runs-on: ubuntu-latest
# A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
# "frogbot" GitHub environment can approve the pull request to be scanned.
environment: frogbot
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: jfrog/frogbot@v2
env:
JF_URL: ${{ secrets.JF_URL }}
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
JF_PATH_EXCLUSIONS: "*git*;*node_modules*;*target*;*venv*;*test*;*karma*;*dist*;*lib*"
JF_MIN_SEVERITY: "Medium"
JF_ALLOWED_LICENSES: "MIT, Apache-2.0"
# JF_AVOID_EXTRA_MESSAGES: "TRUE"
# JF_PR_COMMENT_TITLE: ""