[REQ] Embed SCA resolver #147
Labels
enhancement
New feature or request
Comments
|
Internal Jira issue: AST-30582 |
3 tasks
|
Hi @jimmy-lt Thanks for raising this request. It is a bit more complex, because in order to run the SCA resolver inside the docker container, you need to have the package managers installed, so we would need to include SCA resolver and all the package managers. We recommend using the ast-cli directly in your pipeline. Please check the example below: Thanks! |
|
Hi @pedrompflopes, That is correct. In this case, I recommend to fork the action to install the required packages for the resolution. But at least SCA Resolver will already be present. In our case, we have a dedicated branch for each technology: JDK, PHP, ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue
The Docker image created by this action is missing required libraries for SCA resolver to run:
libstdc++zlibProposed solution
By embedding SCA resolver, its integration with the action can readily be tested and users are be given a quick way to scan dependencies locally. This is quite useful when a local package repository which is inaccessible by Checkmarx One is used.
The text was updated successfully, but these errors were encountered: