williambrady · williambrady · Jan 12, 2026 · Jan 12, 2026 · Jan 12, 2026
@@ -7,7 +7,7 @@ FROM python:3.11-slim as base
 # GitHub Actions labels
 LABEL org.opencontainers.image.source="https://github.com/crofton-cloud/sdlc-code-scanner"
 LABEL org.opencontainers.image.description="Security scanner for AWS Infrastructure-as-Code"
-LABEL org.opencontainers.image.licenses="MIT"
+LABEL org.opencontainers.image.licenses="PolyForm-Noncommercial-1.0.0"
 
 # Set environment variables
 ENV DEBIAN_FRONTEND=noninteractive \

@@ -3,7 +3,7 @@
 > Comprehensive security assessment tool for AWS Infrastructure-as-Code
 
 [![GitHub Action](https://img.shields.io/badge/GitHub%20Action-available-2088FF?logo=github-actions&logoColor=white)](https://github.com/marketplace/actions/sdlc-code-scanner)
-[![License](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
+[![License](https://img.shields.io/badge/License-PolyForm%20Noncommercial-blue.svg)](LICENSE)
 
 SDLC Code Scanner is a Docker-based security scanning platform that orchestrates multiple industry-leading security tools to provide comprehensive analysis of your AWS infrastructure code. It implements a multi-layered security scanning approach covering linting, security policies, dependency vulnerabilities, and secrets detection.
 

@@ -375,6 +375,13 @@ echo "Total Findings: $TOTAL"
 echo "Exit Code: $EXIT_CODE"
 echo ""
 
+# Fix permissions on report directory so GitHub runner can read the files
+# Docker container runs as root, but runner user needs access for artifact upload
+if [[ -d "$REPORT_DIR" ]]; then
+    find "$REPORT_DIR" -type d -exec chmod 755 {} + 2>/dev/null || true
+    find "$REPORT_DIR" -type f -exec chmod 644 {} + 2>/dev/null || true
+fi
+
 # If we used fallback report directory, try to copy reports to workspace
 if [[ "${FALLBACK_REPORT_DIR:-}" == "true" ]]; then
     WORKSPACE_REPORT_DIR="${GITHUB_WORKSPACE}/.sdlc-code-scanner-reports"