You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| `checksum-validation` | Verify SHA256 checksum of downloaded binaries | No | `true` |
215
213
| `firewall-version` | Specify the firewall version number | No | `latest` |
216
214
| `github-token` | GitHub API Token used for downloading binaries | No | `${{ github.token}}` |
217
215
| `job-summary` | Create a [job summary][job-summary] (`all`, `errors`, or `none`) | No | `all` |
@@ -228,26 +226,37 @@ Add a cooldown period if you want an extra buffer before newly published action
228
226
229
227
### Supported Ecosystems
230
228
231
-
The following package managers are supported and will have shims created automatically (when `shims` is `true`):
229
+
When `shims` is `true` (the default), the action creates shims so package manager commands are automatically routed through sfw. The supported ecosystems depend on the edition.
Available in both [sfw-free][sfw-free-ecosystems] and [sfw-enterprise][sfw-enterprise-ecosystems]:
243
234
244
-
By default the action validates the SHA256 checksum of the downloaded firewall binary against the checksum file published alongside each release. This helps make sure the binary was not tampered with during download. You can disable this if needed:
235
+
| Ecosystem | Package Manager |
236
+
| ------------------- | --------------- |
237
+
| JavaScript/Node | `npm` |
238
+
| JavaScript/Node | `pnpm` |
239
+
| JavaScript/Node | `yarn` |
240
+
| Python | `pip` |
241
+
| Python | `uv` |
242
+
| Rust | `cargo` |
245
243
246
-
```yaml
247
-
- uses: SocketDev/action@v1.3.1
248
-
with:
249
-
mode: firewall-free
250
-
checksum-validation: 'false'
251
-
```
244
+
#### Enterprise only
245
+
246
+
Additional ecosystems available with [sfw-enterprise][sfw-enterprise-ecosystems]:
The action validates the SHA256 checksum of the downloaded firewall binary against the checksum file published alongside each release. This ensures the binary was not tampered with during download.
0 commit comments