Closed de-jcup closed 1 month ago
Currently the GitHub action default is a dedicated version (e.g. '1.4.0'). It's also mentioned inside https://github.com/mercedes-benz/sechub/blob/develop/github-actions/scan/README.adoc
The problem is, that client version updates are not automatically used by the SecHub GitHub action
The default shall be latest
latest
https://github.com/mercedes-benz/sechub/blob/develop/github-actions/scan/src/client-download.ts
must be changed in a way, that when client version is lastest, the
lastest
const zipDownloadUrl = `https://github.com/mercedes-benz/sechub/releases/download/v${clientVersion}-client/sechub-cli-${clientVersion}.zip`;
uses instead (in this case)
zipDownloadUrl = `https://mercedes-benz.github.io/sechub/latest/sechub-client.html`;
latest must be the example entry - means people just copying the example will automatically use the latest client version
Situation
Currently the GitHub action default is a dedicated version (e.g. '1.4.0'). It's also mentioned inside https://github.com/mercedes-benz/sechub/blob/develop/github-actions/scan/README.adoc
The problem is, that client version updates are not automatically used by the SecHub GitHub action
Wanted
The default shall be
latest
Solution
Details: change download implementation
https://github.com/mercedes-benz/sechub/blob/develop/github-actions/scan/src/client-download.ts
must be changed in a way, that when client version is
lastest
, theuses instead (in this case)
Details: change README
latest
must be the example entry - means people just copying the example will automatically use the latest client version