Skip to content

chore(deps): bump pypa/gh-action-pypi-publish from 1.8.14 to 1.10.1 #269

chore(deps): bump pypa/gh-action-pypi-publish from 1.8.14 to 1.10.1

chore(deps): bump pypa/gh-action-pypi-publish from 1.8.14 to 1.10.1 #269

Workflow file for this run

name: Test github action for merging SPDX
on:
push:
jobs:
test-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # ratchet:actions/[email protected]
- name: Test merging SPDX JSON format files
uses: ./
with:
docpath: ${{github.workspace}}/test/json/input
name: sample-sbom-json
mergetype: "1" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "J" # J JSON, T for SPDX tag value format
- name: Check result for JSON format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"created" merged-SBoM-deep.json ${{github.workspace}}/test/json/output/result.json
- name: Test merging SPDX Tag value format files
uses: ./
with:
docpath: ${{github.workspace}}/test/spdx/input
name: sample-sbom-spdx
mergetype: "0" # 0 shallow merge, 1 deep merge
author: "ci/cd build pipeline"
email: "[email protected]"
docnamespace: "https://philips.example.com"
filetype: "T" # J JSON, T for SPDX tag value format
- name: Check result for SPDX tag value format
run: |
# Ignore field created since it contains a created at timestamp
diff -I"Created" merged-SBoM-shallow.spdx ${{github.workspace}}/test/spdx/output/result.spdx