iBoss/bolt-diy
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: docker workflow security upload (#1951)

Browse Source 
* Fix artifact upload paths for CodeQL and SBOM results

- Correct CodeQL SARIF path from **/results to ../results (relative to workspace)
- Add fallback path for SBOM to handle different generation locations
- This should resolve the 'No files were found' warnings for artifacts

* Test commit to trigger Security Analysis workflow with fixed artifact paths

* Update docker.yaml

* Update security.yaml

* Update security.yaml
This commit is contained in:
Stijnus
2025-08-31 15:14:31 +02:00
committed by GitHub
parent b88eb6ee15
commit 8c34f72c63
3 changed files with 9 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -366,3 +366,4 @@ For answers to common questions, issues, and to see a list of recommended models
**Who needs a commercial WebContainer API license?**
bolt.diy source code is distributed as MIT, but it uses WebContainers API that [requires licensing](https://webcontainers.io/enterprise) for production usage in a commercial, for-profit setting. (Prototypes or POCs do not require a commercial license.) If you're using the API to meet the needs of your customers, prospective customers, and/or employees, you need a license to ensure compliance with our Terms of Service. Usage of the API in violation of these terms may result in your access being revoked.
# Test commit to trigger Security Analysis workflow