From 5adcc8a7d7849895eed69619b6bb733f05ccc28d Mon Sep 17 00:00:00 2001 From: Bradley Date: Wed, 27 Sep 2023 10:53:51 +1300 Subject: [PATCH] Update fail-policies.md I was puzzled about why my license failures were not causing a failure. I realised that the issue type is `licenses` not `license` as the documentation suggests --- audit/fail-policies.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/audit/fail-policies.md b/audit/fail-policies.md index 28706b1..0b13fc6 100644 --- a/audit/fail-policies.md +++ b/audit/fail-policies.md @@ -2,7 +2,7 @@ When running in the command line, Sandworm can be configured to fail by exiting with code 1 when identifying specific issue types and/or severities. This makes it easy to integrate Sandworm as a part of your CI or Git hook flow. -To provide fail conditions, use the `--fail-on` command-line option, or the `audit.failOn` field in the `.sandworm.config.json` configuration file. You should provide an array of string conditions. Each condition has a required type and a required severity, joined by a dot. Possible types are `*`, `root`, `dependencies`, `license`, and `meta`. Possible severities are `*`, `critical`, `high`, `moderate`, and `low`. Using these, you can construct fail conditions like: +To provide fail conditions, use the `--fail-on` command-line option, or the `audit.failOn` field in the `.sandworm.config.json` configuration file. You should provide an array of string conditions. Each condition has a required type and a required severity, joined by a dot. Possible types are `*`, `root`, `dependencies`, `licenses`, and `meta`. Possible severities are `*`, `critical`, `high`, `moderate`, and `low`. Using these, you can construct fail conditions like: - `*.*` - fail on any issue; - `dependencies.*` - fail on any vulnerability identified with the app dependencies; - `root.*` - fail on any vulnerability identified with the app itself; 
@@ -20,4 +20,4 @@ No fail conditions are set by default. {% hint style="info" %} Sandworm will also exit with code 1 if it encounters any errors that potentially alter the audit result. -{% endhint %} \ No newline at end of file +{% endhint %}
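Review bot: in the first hunk (`@@ -2,7 +2,7 @@`), the type name is corrected only in the "Possible types are" sentence, and the diffstat shows no other content change in the file. The example bullets continue past the visible `root.*` line into a part of the file this diff does not show, so please grep `audit/fail-policies.md` for any remaining `license.` condition and make sure the list includes a `licenses.*` example. The commit message reports that the misspelled type caused no failure at all rather than an error; if that is how unrecognized types behave, a sentence saying so next to the list of possible types would help, because a CI gate that silently passes on a typo is easy to miss.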
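Review bot: in the second hunk (`@@ -20,4 +20,4 @@`), the only change is the newline added at end of file after `{% endhint %}`, which is unrelated to the `licenses` correction and is not mentioned in the commit message. It is harmless to keep, but either mention it in the message or split it into its own commit so the history for the documentation fix stays clean.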