Merge pull request #56 from githubabcs-devops/feature/update28

CalinL · web-flow · commit 2793819d48fc · 2025-04-24T21:33:38.000-04:00
Remove 'container-mapping' from the list of tools in MSDO workflow
diff --git a/.github/workflows/MSDO-Microsoft-Security-DevOps.yml b/.github/workflows/MSDO-Microsoft-Security-DevOps.yml
@@ -38,7 +38,7 @@ jobs:
       # policy: 'GitHub' | 'microsoft' | 'none'. Optional. The name of a well-known Microsoft policy. If no configuration file or list of tools is provided, the policy may instruct MSDO which tools to run. Default: GitHub.
       # categories: string. Optional. A comma-separated list of analyzer categories to run. Values: 'code', 'artifacts', 'IaC', 'containers'. Example: 'IaC, containers'. Defaults to all.
       # languages: string. Optional. A comma-separated list of languages to analyze. Example: 'javascript,typescript'. Defaults to all.
-        tools: 'bandit, binskim, checkov, container-mapping, templateanalyzer, terrascan, trivy'
+        tools: 'bandit, checkov, templateanalyzer, terrascan, trivy'
    
     # Upload alerts to the Security tab - required for MSDO results to appear in the codeQL security alerts tab on GitHub (Requires GHAS)
     - name: Upload results to Security tab
