Merge pull request #107 from IABTechLab/gdm-UID2-3154-secret-scanning…

…-defaults Updated default args for vuln scanning
IABTechLab · Apr 26, 2024 · 76148fd · 76148fd
2 parents dd96735 + 2294899
commit 76148fd
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/actions/vulnerability_scan/action.yaml b/actions/vulnerability_scan/action.yaml
@@ -6,7 +6,7 @@ inputs:
     default: CRITICAL,HIGH
   failure_severity:
     description: The severity that will cause the action to fail if a vulnerability at that level is detected. UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
-    default: CRITICAL
+    default: CRITICAL,HIGH
   publish_vulnerabilities:
     description: If true, will attempt to publish the results to the GitHub security tab
     default: 'true'

diff --git a/actions/vulnerability_scan_filesystem/action.yaml b/actions/vulnerability_scan_filesystem/action.yaml
@@ -2,15 +2,13 @@ name: Vulnerability Scanning
 description: Scans the file system for vulnerabilities
 inputs:
   scan_severity:
-    description: 'The severity that will cause the action to report if a vulnerability at that level is detected. UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
-    required: false
-    default: 'CRITICAL,HIGH'
+    description: The severity that will cause the action to report if a vulnerability at that level is detected. UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
+    default: CRITICAL,HIGH
   failure_severity:
     description: 'The severity that will cause the action to fail if a vulnerability at that level is detected. UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
-    required: false
-    default: 'CRITICAL'
+    default: CRITICAL,HIGH
   publish_vulnerabilities:
-    description: 'If true, will attempt to publish the results to the GitHub security tab'
+    description: If true, will attempt to publish the results to the GitHub security tab
     required: false
     default: 'true'
 runs: