top of page
  • Julian Coccia

New CI/CD Integration Tools for Enhanced Software Compliance and Security




We are thrilled to announce the launch of our new CI/CD integration solutions for 2024: the SCANOSS Code Scan Action for GitHub and Jenkins Pipeline Integration. These tools are designed to streamline and enhance the integration of SCANOSS's robust code scanning capabilities into your development workflows. 



GitHub Action: Easy Integration into GitHub Workflows 


The SCANOSS Code Scan Action, now available on the GitHub Marketplace, allows users to seamlessly add advanced code scanning to their GitHub Actions. This tool is particularly adept at detecting "undeclared OSS" and "Copyleft" license violations, enabling developers to enforce compliance and security best practices effortlessly. 



Jenkins Pipeline: Customizable Automation for Jenkins 


Our new Jenkins integration includes a set of sample pipelines that demonstrate the seamless integration of SCANOSS into Jenkins-based CI/CD environments. This feature supports the detection of critical licensing issues and facilitates the automated creation of JIRA issues, enhancing project management and compliance. The pipelines are configurable to trigger on push, pull requests, or on a scheduled basis, aligning with your project's needs. This is of course available on GitHub

  


Empowering Developers with Advanced Tools 


These integration solutions underscore our commitment to empowering developers and organizations with the tools to maintain compliance and security without disrupting existing workflows. By enhancing our CI/CD integrations, we help you safeguard your software development lifecycle against potential risks efficiently. 

  

For more detailed information and to get started with these tools, head to our GitHub Listing for the SCANOSS Code Scan Action and our Jenkins Integration GitHub page. Join us in advancing the future of secure and compliant software development. 


Comments


bottom of page