jfrog
diff --git a/‎.github/workflows/action-test.yml
+1-1 b/‎.github/workflows/action-test.yml
+1-1
diff --git a/‎.github/workflows/analysis.yml
+11-2 b/‎.github/workflows/analysis.yml
+11-2
diff --git a/‎.github/workflows/frogbot-scan-pr.yml
-39 b/‎.github/workflows/frogbot-scan-pr.yml
-39
diff --git a/‎.github/workflows/frogbot-scan-pull-request.yml
+119 b/‎.github/workflows/frogbot-scan-pull-request.yml
+119
diff --git a/‎.github/workflows/frogbot-scan-and-fix.yml renamed to ‎.github/workflows/frogbot-scan-repository.yml
+10-19 b/‎.github/workflows/frogbot-scan-and-fix.yml renamed to ‎.github/workflows/frogbot-scan-repository.yml
+10-19
diff --git a/‎.github/workflows/test.yml
+23-17 b/‎.github/workflows/test.yml
+23-17
diff --git a/‎.github/workflows/update-v2-tag.yml
+1-1 b/‎.github/workflows/update-v2-tag.yml
+1-1
diff --git a/‎README.md
+2 b/‎README.md
+2
diff --git a/‎action/node_modules/.package-lock.json
+1-1 b/‎action/node_modules/.package-lock.json
+1-1
@@ -17,7 +17,7 @@ jobs:
     steps:
       # Checkout and install prerequisites
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Setup NodeJS
         uses: actions/setup-node@v3
         with:
 
@@ -9,12 +9,20 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
       - name: Install Go
         uses: actions/setup-go@v3
         with:
           go-version: 1.20.x
 
+      - name: Go Cache
+        uses: actions/cache@v3
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-go-
+
       # Generate mocks
       - name: Generate mocks
         run: go generate ./...
@@ -31,7 +39,8 @@ jobs:
       GOFLAGS: -buildvcs=false
     steps:
       - name: Checkout Source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
       - name: Install Go
         uses: actions/setup-go@v3
         with:
 
@@ -0,0 +1,119 @@
+name: "Frogbot Scan Pull Request"
+on:
+  pull_request_target:
+    types: [ opened, synchronize ]
+permissions:
+  pull-requests: write
+  contents: read
+jobs:
+  scan-pull-request:
+    runs-on: ubuntu-latest
+    # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
+    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    environment: frogbot
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
+          # [Mandatory]
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token is automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Optional, default: https://api.github.com]
+          # API endpoint to GitHub
+          # JF_GIT_API_ENDPOINT: https://github.example.com
+
+          # [Optional]
+          # By default, the Frogbot workflows download the Frogbot executable as well as other tools
+          # needed from https://releases.jfrog.io
+          # If the machine that runs Frogbot has no access to the internet, follow these steps to allow the
+          # executable to be downloaded from an Artifactory instance, which the machine has access to:
+          #
+          # 1. Login to the Artifactory UI, with a user who has admin credentials.
+          # 2. Create a Remote Repository with the following properties set.
+          #    Under the 'Basic' tab:
+          #       Package Type: Generic
+          #       URL: https://releases.jfrog.io
+          #    Under the 'Advanced' tab:
+          #       Uncheck the 'Store Artifacts Locally' option
+          # 3. Set the value of the 'JF_RELEASES_REPO' variable with the Repository Key you created.
+          # JF_RELEASES_REPO: ""
+
+          # [Optional]
+          # Configure the SMTP server to enable Frogbot to send emails with detected secrets in pull request scans.
+          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
+          JF_SMTP_SERVER: ${{ secrets.JF_SMTP_SERVER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The username required for authenticating with the SMTP server.
+          JF_SMTP_USER: ${{ secrets.JF_SMTP_USER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The password associated with the username required for authentication with the SMTP server.
+          JF_SMTP_PASSWORD: ${{ secrets.JF_SMTP_PASSWORD }}
+
+          # [Optional]
+          # List of comma separated email addresses to receive email notifications about secrets
+          # detected during pull request scanning. The notification is also sent to the email set
+          # in the committer git profile regardless of whether this variable is set or not.
+          JF_EMAIL_RECEIVERS: "[email protected]"
+
+          ##########################################################################
+          ##   If your project uses a 'frogbot-config.yml' file, you can define   ##
+          ##   the following variables inside the file, instead of here.          ##
+          ##########################################################################
+
+          # [Mandatory if the two conditions below are met]
+          # 1. The project uses yarn 2, NuGet or .NET Core to download its dependencies
+          # 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
+          #
+          # The command that installs the project dependencies (e.g "nuget restore")
+          # JF_INSTALL_DEPS_CMD: ""
+
+          # [Optional, default: "."]
+          # Relative path to the root of the project in the Git repository
+          # JF_WORKING_DIR: path/to/project/dir
+
+          # [Optional]
+          # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
+          # JF_WATCHES: <watch-1>,<watch-2>...<watch-n>
+
+          # [Optional]
+          # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
+          # JF_PROJECT: <project-key>
+
+          # [Optional, default: "FALSE"]
+          # Displays all existing vulnerabilities, including the ones that were added by the pull request.
+          # JF_INCLUDE_ALL_VULNERABILITIES: "TRUE"
+
+          # [Optional, default: "TRUE"]
+          # Fails the Frogbot task if any security issue is found.
+          # JF_FAIL: "FALSE"
+
+          # [Optional]
+          # Frogbot will download the project dependencies if they're not cached locally. To download the
+          # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no
+          # need to set this value, if it is set in the frogbot-config.yml file.
+          # JF_DEPS_REPO: ""
+
+          # [Optional, Default: "FALSE"]
+          # If TRUE, Frogbot creates a single pull request with all the fixes.
+          # If false, Frogbot creates a separate pull request for each fix.
+          # JF_GIT_AGGREGATE_FIXES: "FALSE"
+
+          # [Optional, Default: "FALSE"]
+          # Handle vulnerabilities with fix versions only
+          # JF_FIXABLE_ONLY: "TRUE"
+
+          # [Optional]
+          # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
+          # The following values are accepted: Low, Medium, High or Critical
+          # JF_MIN_SEVERITY: ""
@@ -1,4 +1,4 @@
-name: "Frogbot Scan and Fix"
+name: "Frogbot Scan Repository"
 on:
   workflow_dispatch:
   schedule:
@@ -11,38 +11,25 @@ permissions:
 jobs:
   scan-repository:
     runs-on: ubuntu-latest
+    name: Scan Repository (${{ matrix.branch }} branch)
     strategy:
       matrix:
         # The repository scanning will be triggered periodically on the following branches.
         branch: [ "dev" ]
     steps:
-
-      # Install prerequisites
-      - name: Setup Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: 1.20.x
-
       - uses: jfrog/frogbot@v2
         env:
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
           # [Mandatory]
-          # JFrog platform URL
+          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
           JF_URL: ${{ secrets.FROGBOT_URL }}
 
           # [Mandatory if JF_USER and JF_PASSWORD are not provided]
           # JFrog access token with 'read' permissions on Xray service
           JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
 
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
-          # JF_USER: ${{ secrets.JF_USER }}
-
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog password. Must be provided with JF_USER
-          # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
-
           # [Mandatory]
-          # The GitHub token automatically generated for the job
+          # The GitHub token is automatically generated for the job
           JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           # [Mandatory]
@@ -59,7 +46,7 @@ jobs:
           # If the machine that runs Frogbot has no access to the internet, follow these steps to allow the
           # executable to be downloaded from an Artifactory instance, which the machine has access to:
           #
-          # 1. Login to the Artifactory UI, with a user which has admin credentials.
+          # 1. Login to the Artifactory UI, with a user who has admin credentials.
           # 2. Create a Remote Repository with the following properties set.
           #    Under the 'Basic' tab:
           #       Package Type: Generic
@@ -125,3 +112,7 @@ jobs:
           # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
           # The following values are accepted: Low, Medium, High or Critical
           # JF_MIN_SEVERITY: ""
+
+          # [Optional, Default: [email protected]]
+          # Set the email of the commit author
+          # JF_GIT_EMAIL_AUTHOR: ""
@@ -23,7 +23,7 @@ jobs:
           labels: "safe to test"
 
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -42,25 +42,34 @@ jobs:
       # Generate mocks
       - name: Generate mocks
         run: go generate ./...
-        if: ${{ matrix.suite != 'unit' }}
 
       - name: Lint
         run: go vet -v ./...
 
   tests:
     needs: Pretest
-    name: ${{ matrix.suite }} Tests (${{ matrix.os }})
+    name: ${{ matrix.suite.name }} Tests (${{ matrix.os }})
     runs-on: ${{ matrix.os }}-latest
     env:
       JFROG_CLI_LOG_LEVEL: "DEBUG"
     strategy:
       fail-fast: false
       matrix:
-        suite: [ unit, scanrepository, scanpullrequest, packagehandlers ]
+        suite:
+          - name: 'Unit'
+
+          - name: 'Scan Repository'
+            package: 'scanrepository'
+
+          - name: 'Scan Pull Request'
+            package: 'scanpullrequest'
+
+          - name: 'Package Handlers'
+            package: 'packagehandlers'
         os: [ ubuntu, windows, macos ]
     steps:
       # Configure prerequisites
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Setup Go
@@ -89,24 +98,21 @@ jobs:
       - name: Install python components
         run: python -m pip install pipenv poetry
 
+      - name: Install dotnet
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: "6.x"
+
       # Generate mocks
       - name: Generate mocks
         run: go generate ./...
-        if: ${{ matrix.suite != 'unit' }}
-
-      - name: unit Tests
-        run: go test github.com/jfrog/frogbot -v -race -timeout 30m -cover
-        env:
-          JF_URL: ${{ secrets.PLATFORM_URL }}
-          JF_ACCESS_TOKEN: ${{ secrets.PLATFORM_ADMIN_TOKEN }}
-        if: ${{ matrix.suite == 'unit' }}
+        if: ${{ matrix.suite.name != 'Unit' }}
 
-      - name: ${{ matrix.test }} Tests
-        run: go test github.com/jfrog/frogbot/${{ matrix.suite }} -v -race -timeout 30m -cover
+      - name: Run Tests
+        run: go test github.com/jfrog/frogbot/${{ matrix.suite.package }} -v -race -timeout 30m -cover
         env:
           JF_URL: ${{ secrets.PLATFORM_URL }}
           JF_ACCESS_TOKEN: ${{ secrets.PLATFORM_ADMIN_TOKEN }}
-        if: ${{ matrix.suite != 'unit' }}
 
   # Build and run frogbot current changes for visual sanity check.
   sanity-pull-request:
@@ -120,7 +126,7 @@ jobs:
           go-version: 1.20.x
 
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
 
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Update v2 tag
         run: git tag -f v2
       - name: Push changes
 
@@ -254,6 +254,8 @@ Supported package management tools:
 
 - Go
 - Maven
+- NuGet
+- .NET
 - npm
 - Pip
 - Pipenv
-Original file line number
+Diff line change
 - Go
 - Maven
 +- NuGet
 +- .NET
 - npm
 - Pip
 - Pipenv