GitHub action that uses the vcn tool from CodeNotary.com to authenticate the the bill of materials (BoM) for Java (Maven) projects. It accepts directories or JARs containing a pom.xml file as input.
Have a look in the provided example workflow.
💡 The underlying vcn Docker image can also be run directly (an example is also provided in the same example workflow). This way one can specify any vcn 💥 flag, not just the ones exposed by the GitHub action.
👉 This link lists all the other GitHub actions that are available from CodeNotary.