The SCANOSS webhook is a multiplatform webhook that performs source code scans against the SCANOSS API. Supports integration with GitHub, GitLab and BitBucket APIs.
SCANOSS provides a source code scanner that can be used to detect Open Source dependencies in your code.
The purpose of this code is to offer a reference implementation that can be expanded to suit the needs of individuals and organisations.
For building and intallation see the guide How to build and deploy.
The specific instructions to install SCANOSS webhook depend on the particular vendor. SCANOSS webhook requires to be configured to receive pull requests, and be allowed to post commit comments and set the build status.
To test the webhook, once configured, you can perform a commit. If all permissions are right and everything goes smoothly, you should see that the webhook has created a comment in your commit, containing a summary of the scan results.
See the guide How to config Github.
See the guide How to config Bitbucket.
See the guide How to config Gitlab.
Please see our Contributing Guide and our Code of Conduct.