SP-70 Updates readme

README.md

@@ -4,6 +4,7 @@
 ![CI](https://github.com/scanoss/code-scan-action/actions/workflows/ci.yml/badge.svg)
 [![Check dist/](https://github.com/scanoss/code-scan-action/actions/workflows/check-dist.yml/badge.svg)](https://github.com/scanoss/scanoss-code-scan-step/actions/workflows/check-dist.yml)
 [![CodeQL](https://github.com/scanoss/code-scan-action/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/scanoss/scanoss-code-scan-step/actions/workflows/codeql-analysis.yml)
+![Coverage](./badges/coverage.svg)
 
 The SCANOSS Code Scan Action enhances your software development process by automatically scanning your code for security
 vulnerabilities and license compliance with configurable policies.
@@ -43,7 +44,7 @@ jobs:
 
       - name: Run SCANOSS Code Scan
         id: scanoss-code-scan-step
-        uses: scanoss/code-scan-action@main
+        uses: scanoss/code-scan-action@v0
 ```
 
 For example workflow runs, check out our
@@ -117,7 +118,7 @@ jobs:
 
       - name: Run SCANOSS Code Scan
         id: scanoss-code-scan-step
-        uses: scanoss/code-scan-action@main
+        uses: scanoss/code-scan-action@v0
         with:
           policies: copyleft, undeclared  #NOTE: undeclared policy requires a sbom.json in the project root
           dependencies.enabled: true

__tests__/main.test.ts

@@ -16,8 +16,8 @@ const runMock = jest.spyOn(main, 'run');
 let debugMock: jest.SpyInstance;
 let errorMock: jest.SpyInstance;
 let getInputMock: jest.SpyInstance;
-let setFailedMock: jest.SpyInstance;
-let setOutputMock: jest.SpyInstance;
+// let setFailedMock: jest.SpyInstance;
+// let setOutputMock: jest.SpyInstance;
 
 describe('action', () => {
   beforeEach(() => {
@@ -26,8 +26,8 @@ describe('action', () => {
     debugMock = jest.spyOn(core, 'debug').mockImplementation();
     errorMock = jest.spyOn(core, 'error').mockImplementation();
     getInputMock = jest.spyOn(core, 'getInput').mockImplementation();
-    setFailedMock = jest.spyOn(core, 'setFailed').mockImplementation();
-    setOutputMock = jest.spyOn(core, 'setOutput').mockImplementation();
+    // setFailedMock = jest.spyOn(core, 'setFailed').mockImplementation();
+    // setOutputMock = jest.spyOn(core, 'setOutput').mockImplementation();
   });
 
   it('SCANOSS Scan Action started', async () => {

__tests__/undeclared-policy-check.test.ts

@@ -24,14 +24,14 @@ describe('UndeclaredPolicyCheck', () => {
   });
 
   it('should pass the policy check when undeclared components are not found', async () => {
-    jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async _ => Promise.resolve(sbomMock[1]));
+    jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async () => Promise.resolve(sbomMock[1]));
 
     await undeclaredPolicyCheck.run(scannerResults);
     expect(undeclaredPolicyCheck.conclusion).toEqual(CONCLUSION.Success);
   });
 
   it('should fail the policy check when undeclared components are found', async () => {
-    jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async _ => Promise.resolve(sbomMock[0]));
+    jest.spyOn(sbomUtils, 'parseSBOM').mockImplementation(async () => Promise.resolve(sbomMock[0]));
 
     await undeclaredPolicyCheck.run(scannerResults);
     expect(undeclaredPolicyCheck.conclusion).toEqual(CONCLUSION.Neutral);

src/policies/policy-check.ts

@@ -121,7 +121,7 @@ export abstract class PolicyCheck {
     core.debug(`Finish policy check: ${this.checkName}. (conclusion=${this._conclusion})`);
     this._status = STATUS.FINISHED;
 
-    const result = await this.octokit.rest.checks.update({
+    await this.octokit.rest.checks.update({
       owner: context.repo.owner,
       repo: context.repo.repo,
       check_run_id: this.checkRunId,