Skip to content

Commit d58daff

Browse files
chao-deepbitsclaysang
chao-deepbits
and
claysang
authored
RD-965 Update README (#1)
* RD-965 Add sample scan results * RD-965 Refine folder structure * RD-965 Refine README.md * RD-965 Use 500w logo * RD-965 Refine README.md * RD-965 Fix wrong link of the sample scan results folder * RD-965 Fix wrong alt text for the SBOM status badge --------- Co-authored-by: Clay Sang <cs@claysang.com>
1 parent d292637 commit d58daff

File tree

5 files changed

+25
-0
lines changed

5 files changed

+25
-0
lines changed

README.md

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,11 @@
1+
<p align="center">
2+
<img src="https://cf-templates-199e8r5wvc06r-us-west-2.s3.us-west-2.amazonaws.com/deepbits-logo/logo@500w.png">
3+
</p>
4+
5+
<p align="center">
6+
<a href="https://tools.deepbits.com/github/DeepBitsTechnology/getsbom"><img alt="SBOM status for Deepbits SBOM Action" src="https://api.deepbits.com/gh/DeepBitsTechnology/getsbom/badge"></a>
7+
</p>
8+
19
# Deepbits SBOM Action
210

311
A **free** Github action for open-source projects that enables automated creation and risks (vulnerability, license, malware, etc.) analysis of software bill of materials (SBOM) from code repositories.
@@ -47,6 +55,12 @@ After the scan is complete, an artifact named `DEEPBITS_SCAN_RESULTS` will be ge
4755
| finalResult.json | The final scan report contains vulnerability and malware summary in JSON format |
4856
| staticResult.json | The static analysis report in JSON format |
4957

58+
**We have included a sample folder called `sample_scan_results` in the repository [here](./samples/DEEPBITS_SCAN_RESULTS/).**
59+
60+
It contains example artifacts generated by our action that you can use to analyze and view scan results.
61+
62+
We hope that these examples will help you understand the capabilities of our action and how it can enhance the security and compliance of your project.
63+
5064
## Actions Outputs
5165

5266
In addition to the artifact, you may also view the scan results and your previous scan histories on [DeepRepo](https://tools.deepbits.com/github).
@@ -61,6 +75,14 @@ To obtain these outputs, please refer to the three options listed below:
6175
| DEEPBITS_COMMIT | The URL to access the scan report of the commit on DeepRepo |
6276
| DEEPBITS_BADGE | A SVG badge displaying the status of the the repo |
6377

78+
**The image below is a screenshot of a scan result on [DeepRepo](https://tools.deepbits.com/github), which is accessible through the `DEEPBITS_COMMIT` output.**
79+
80+
![Scan result on DeepRepo](./samples/deeprepo_scan_screenshots.png)
81+
82+
The scan results displayed in DeepRepo are interactive and allow you to view detailed information about the components used in your project, as well as any vulnerabilities or licensing issues detected during the scan.
83+
84+
Click [this URL](https://tools.deepbits.com/github/DeepBitsTechnology/getsbom/d29263777ef33157254ff4207ca00cedf0d537e1) to see the comprehensive view of the screenshot results.
85+
6486
## License
6587

6688
This project is licensed under the MIT License. Please see the `LICENSE` file for more information.

0 commit comments

Comments
 (0)