From 09fc8a6d126918b64dac133782276ff5749f0247 Mon Sep 17 00:00:00 2001
From: Jeremy Dubreil
Date: Fri, 30 Jun 2023 10:26:42 +0200
Subject: [PATCH] chore: bump SAST to 0.0.46
---
 .github/workflows/integration-test.yml | 4 ++--
 action.yaml | 9 +++++++--
 src/index.ts | 5 +++--
 3 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
index f70546c2..77e7af23 100644
--- a/.github/workflows/integration-test.yml
+++ b/.github/workflows/integration-test.yml
@@ -32,7 +32,7 @@ jobs:
 with:
 target: push
 tools: sca,sast
- classes: target
+ classpath: target/test-project-0.1.0.jar
 sources: ${{ github.workspace }}
 debug: true
 - name: Check run succeeded
@@ -61,7 +61,7 @@ jobs:
 exit 1
 fi
 export SAST_RESULTS=`jq '.runs | map (.results | length) | add' sast.sarif`
- expectedSastResults=2
+ expectedSastResults=1
 echo "Got $SAST_RESULTS from SAST"
 if [ "$SAST_RESULTS" != "$expectedSastResults" ]; then
 echo "::error::Expected to have $expectedSastResults SAST results!"
diff --git a/action.yaml b/action.yaml
index b1a31368..2628bb5a 100644
--- a/action.yaml
+++ b/action.yaml
@@ -2,8 +2,12 @@ name: 'lacework-code-security'
 description: "Scan code with Lacework's Code Security offering"
 author: 'Lacework'
 inputs:
+ classpath:
+ description: 'Specify the Java classpath'
+ required: false
+ default: '.'
 classes:
- description: 'Classes directory or JAR file to analyze'
+ description: 'Classes directory or JAR file to analyze (DEPRECATED)'
 required: false
 default: '.'
 sources:
@@ -54,7 +58,7 @@ runs:
 shell: bash
 run: |
 SCA_VERSION=0.0.50
- SAST_VERSION=0.0.45
+ SAST_VERSION=0.0.46
 curl https://raw.githubusercontent.com/lacework/go-sdk/main/cli/install.sh | bash
 echo "cache-key=$(date +'%Y-%m-%d')-$SCA_VERSION-$SAST_VERSION" >> $GITHUB_OUTPUT
 echo "sca-version=$SCA_VERSION" >> $GITHUB_OUTPUT
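Review bot: In `.github/workflows/integration-test.yml` (hunk at `-61,7`), `expectedSastResults` drops from 2 to 1 with no record of which finding disappeared, so a detection lost in SAST 0.0.46 cannot be told apart from a removed false positive. The same commit also switches the scan input from `classes: target` to `classpath: target/test-project-0.1.0.jar`, which may itself explain the difference. Because the check only counts `.results`, any single finding satisfies it; also comparing `jq -r '.runs[].results[].ruleId' sast.sarif` with the expected rule id would pin the detection this test is meant to protect. At minimum add a comment such as `# 0.0.46 reports 1 finding on test-project (was 2 with 0.0.45): <reason>`. The step's script starts and ends outside the hunk.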
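Review bot: In `action.yaml` (hunk at `-2,8`), the new `classpath` input declares `default: '.'`, which appears to make the fallback added in `src/index.ts` unreachable. The `run-analysis` step always forwards `classpath: '${{ inputs.classpath }}'`, so `getInput('classpath')` is `'.'` whenever the caller leaves it unset and `getOrDefault('classes', '.')` is never consulted. A workflow that still sets only the deprecated `classes` would then be scanned against `.` instead of its classes directory or JAR, and could silently report fewer findings. Using `default: ''` on `classpath` (or omitting the default) lets the `||` fall through to `classes`, which keeps its own `'.'` default. This assumes the inner `./../lacework-code-security` action does not remap the inputs, which is not visible here.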
@@ -91,6 +95,7 @@ runs:
 - id: run-analysis
 uses: './../lacework-code-security'
 with:
+ classpath: '${{ inputs.classpath }}'
 classes: '${{ inputs.classes }}'
 sources: '${{ inputs.sources }}'
 target: '${{ inputs.target }}'
diff --git a/src/index.ts b/src/index.ts
index 98466ecd..08b360e9 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -18,6 +18,7 @@ async function runAnalysis() {
 const tools = (getInput('tools') || 'sca').toLowerCase().split(',')
 const indirectDeps = getInput('eval-indirect-dependencies')
 const toUpload: string[] = []
+ const classpath = getInput('classpath') || getOrDefault('classes', '.')
 if (tools.includes('sca')) {
 var args = [
 'sca',
@@ -47,8 +48,8 @@ async function runAnalysis() {
 'sast',
 'scan',
 '--save-results',
- '--classes',
- getOrDefault('classes', '.'),
+ '--classpath',
+ classpath,
 '--sources',
 getOrDefault('sources', '.'),
 '-o',
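Review bot: In `src/index.ts` (hunk at `-18,6`), the new `const classpath = …` line resolves two inputs without stating which one wins, and nothing tells a user that the value came from the deprecated `classes` input. A short comment above it, such as `// 'classpath' takes precedence; 'classes' is only a deprecated fallback`, would make the precedence explicit for the next maintainer. It would also help to log a deprecation warning on the path where `classpath` is empty and `classes` supplies the value, so workflows are migrated before `classes` is removed; which logging helper is in scope is not visible in this hunk. `runAnalysis` starts and ends outside the hunk.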