From 11374cc3320ac97000df7aa0b52a60687cb23c09 Mon Sep 17 00:00:00 2001 From: Jessica Black Date: Wed, 20 Nov 2024 14:32:26 -0800 Subject: [PATCH] Clarify action as a starting point (#51) --- README.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b4fd400..d8d636d 100644 --- a/README.md +++ b/README.md @@ -10,11 +10,20 @@ Find license compliance and security issues in your applications with [FOSSA](ht * Secure your open source code with accurate vulnerability detection and continuous integration ## About FOSSA Action + +> [!NOTE] +> This GitHub action is primarily intended to be a quick and easy starting point.
+> For more customization or expanded platform support (e.g. Windows), we recommend [integrating FOSSA CLI directly](https://github.com/fossas/fossa-cli?tab=readme-ov-file#getting-started) in your CI pipeline. +> +> You can reference our public repositories for examples on how to do this if desired: +> - [FOSSA CLI](https://github.com/fossas/fossa-cli/blob/master/.github/workflows/dependency-scan.yml) +> - [FOSSA Broker](https://github.com/fossas/broker/blob/main/.github/workflows/dependency-scan.yml) + FOSSA Action provides an easy to use entry point to using FOSSA in your github workflow. This github action will run FOSSA CLI in your github workflows with, at minimum, an API key. Below you can find [input documentation](#inputs) and [examples](#examples). FOSSA Action will run on any linux runner or on a MacOS runner. **Note**: In order to use container scanning, a running docker daemon is required - unfortunately Github's MacOS runner does not provide docker. -Windows is not currently supported. +Windows is not currently supported in this action, although it is supported when integrating FOSSA CLI directly. ### Versioning Please note: Versioning of this action does not correspond to the version of FOSSA CLI. This Action will always use the latest version of FOSSA CLI found [here](https://github.com/fossas/fossa-cli/releases).