action.yaml

name: 'nodejsscan'
author: 'Ajin Abraham <ajin@opensecurity.in>'
description: 'njsscan finds insecure code patterns in your node.js applications.'
inputs: 
  args:
    description: |
      positional arguments:
        path                  Path can be file(s) or directories with source code

      optional arguments:
        -h, --help            show this help message and exit
        --json                set output format as JSON
        --sarif               set output format as SARIF 2.1.0
        --sonarqube           set output format compatible with SonarQube
        -o OUTPUT, --output OUTPUT
                              output filename to save the result
        --missing-controls    enable missing security controls check
        -w, --exit-warning    non zero exit code on warning
        -v, --version         show njsscan version
    required: true
runs:
  using: docker
  image: Dockerfile
  args:
  - ${{ inputs.args }}
branding:
  icon: 'code'
  color: 'green'