Skip to content
shield

GitHub Action

Synopsys Action

v1.9.0 Latest version

Synopsys Action

shield

Synopsys Action

Find and fix software weaknesses and vulnerabilities during development, before you ship or deploy

Installation

Copy and paste the following snippet into your .yml file.

              
- name: Synopsys Action

              
  uses: synopsys-sig/[email protected]
Learn more about this action in synopsys-sig/synopsys-action

Choose a version

Synopsys Action

GitHub tag (latest SemVer)

Synopsys Action allows you to integrate Static Analysis Security Testing (SAST) and Software Composition Analysis (SCA) into your CI/CD pipelines. Synopsys Action leverages Synopsys Bridge, a foundational piece of technology that has built-in knowledge of how to run all major Synopsys security testing solutions, plus common workflows for platforms like GitHub.

To use Synopsys Action, please follow the steps below:

  1. Configure GitHub as described in the GitHub Prerequisites page.
  2. Install and configure Synopsys Action for the Synopsys product you are using.
    Polaris
    Black Duck
    Coverity
  3. For additional configuration options, visit the Additional GitHub Configuration page.

As an alternative to Synopsys Action, you also have the option to use Synopsys Bridge CLI.
Detailed documentation for Synopsys Bridge CLI can be found here.