Skip to content

Commit 8db637e

Browse files
GeekMasherGeekMasher
committed
Update README
1 parent b88ed83 commit 8db637e

File tree

1 file changed

+66
-2
lines changed

1 file changed

+66
-2
lines changed

README.md

Lines changed: 66 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,66 @@
1-
# python-actions-template
2-
Python Based Actions Template
1+
# cocoapods-dependency-submission-action
2+
3+
This is the [CocoaPods Dependency Submission Action](https://github.com/GeekMasher/cocoapods-dependency-submission-action) which parses CocoaPods Lock files and submits the dependencies to the [Dependency Graph Submission API](https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api).
4+
5+
This means thats [GitHub's Dependabot](https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) can use the CocoaPods to check for security vulnerabilities in your dependencies and keeping your Software Bill of Materials up to date.
6+
7+
## Usage
8+
9+
```yaml
10+
- name: CocoaPods Dependency Submission Action
11+
uses: GeekMasher/[email protected]
12+
```
13+
14+
### Action Inputs
15+
16+
```yaml
17+
- name: CocoaPods Dependency Submission Action
18+
uses: GeekMasher/[email protected]
19+
with:
20+
# [optonal] The path to the Podfile.lock file. Defaults to finding all
21+
# Podfile.lock in the current working directory
22+
cocoapods-lock: "./Podfile.lock"
23+
# [optional] Token used to authenticate with the GitHub API. Defaults to the GITHUB_TOKEN secret.
24+
token: ${{ secrets.ACTIONS_TOKEN }}
25+
```
26+
27+
### Workflow Example
28+
29+
```yaml
30+
name: Brew Lockfile Dependency Submission Action
31+
on:
32+
push:
33+
branches: [ main ]
34+
pull_request:
35+
branches: [ main ]
36+
37+
permissions:
38+
contents: write # needed
39+
40+
jobs:
41+
gradle-lock:
42+
runs-on: ubuntu-latest
43+
steps:
44+
- uses: actions/checkout@v2
45+
46+
# ... generate CocoaPods Podfile.lock
47+
48+
- name: CocoaPods Dependency Submission Action
49+
uses: GeekMasher/[email protected]
50+
```
51+
52+
## License
53+
54+
This project is licensed under the terms of the MIT open source license. Please refer to [MIT](./LICENSE) for the full terms.
55+
56+
## Maintainers
57+
58+
Maintained by [@GeekMasher](https://github.com/GeekMasher).
59+
60+
## Support
61+
62+
Please [create GitHub issues](https://github.com/GeekMasher/cocoapods-dependency-submission-action) for any feature requests, bugs, or documentation problems.
63+
64+
## Acknowledgement
65+
66+
- @GeekMasher: Author and Maintainer

0 commit comments

Comments
 (0)