Update to latest audit code version (actions#2209)

* Update to latest audit code version * Fix Description * Fix extra space in comments
fortify · Nov 13, 2023 · c6c4452 · c6c4452
1 parent b1df8a5
commit c6c4452
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 12 deletions.
diff --git a/code-scanning/crunch42.yml b/code-scanning/crunch42.yml
@@ -3,23 +3,22 @@
 # separate terms of service, privacy policy, and support
 # documentation.
 
-# This workflow locates REST API file contracts
-# (Swagger or OpenAPI format, v2 and v3, JSON and YAML)
-# and runs 200+ security checks on them using 42Crunch Security Audit technology.
+# This workflow locates REST API file contracts (Swagger or OpenAPI format, v2 and v3, JSON and YAML)
+# and runs 300+ security checks on them using 42Crunch Security Audit technology to uncover
+# potential vulnerabilities related to authentication, authorization as well as data validation.
 #
 # Documentation is located here: https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm
 #
-# To use this workflow, you will need to complete the following setup steps.
+# To use this workflow, you need a 42Crunch platform account. If you do not have one, you can contact us
+# from this page: https://42crunch.com/request-demo.
 #
-# 1. Create a free 42Crunch account at https://platform.42crunch.com/register
-#
-# 2. Follow steps at https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm
+# 1. Follow steps at https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm
 #    to create an API Token on the 42Crunch platform
 #
-# 3. Add a secret in GitHub as explained in https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm,
-#    store the 42Crunch API Token in that secret, and supply the secret's name as api-token parameter in this workflow
+# 2. Create an secret in GitHub as explained in https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm
+#    and store the 42Crunch API Token in that secret. Expected default is API_TOKEN (see the api-token property in the task).
 #
-# If you have any questions or need help contact https://support.42crunch.com
+# If you have any questions or need help, open an issue at: https://support.42crunch.com.
 
 name: "42Crunch REST API Static Security Testing"
 
@@ -46,7 +45,7 @@ jobs:
       - uses: actions/checkout@v3
 
       - name: 42Crunch REST API Static Security Testing
-        uses: 42Crunch/api-security-audit-action@f3a4f4d44ca6f538fe84361373d7a2a374018fdd
+        uses: 42Crunch/api-security-audit-action@fc01ea7a89e6268875868f9d89598af7a9899ae0
         with:
           # Please create free account at https://platform.42crunch.com/register
           # Follow these steps to configure API_TOKEN https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm

diff --git a/code-scanning/properties/crunch42.properties.json b/code-scanning/properties/crunch42.properties.json
@@ -1,7 +1,7 @@
 {
     "name": "42Crunch API Security Audit",
     "creator": "42Crunch",
-    "description": "Use the 42Crunch API Security Audit REST API to perform static application security testing (SAST) on OpenAPI/Swagger files.",
+    "description": "Use the 42Crunch Audit to perform static API security testing (SAST) on OpenAPI/Swagger files.",
     "iconName": "42crunch",
     "categories": ["Code Scanning"]
 }