From a9328ff560b3d66bce7625bfcb56f305a69b9be3 Mon Sep 17 00:00:00 2001 From: dktran65g Date: Wed, 8 Apr 2026 19:10:37 -0400 Subject: [PATCH] Add README file Add README files --- .github/CODEOWNERS | 1 + .github/dependabot.yml | 8 ++++++++ README.md | 17 +++++++++++++++++ 3 files changed, 26 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/dependabot.yml create mode 100644 README.md diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..cbb3182 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @SocketDev/customer-success \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..87dd9a8 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + cooldown: + default-days: 7 diff --git a/README.md b/README.md new file mode 100644 index 0000000..6a8a886 --- /dev/null +++ b/README.md @@ -0,0 +1,17 @@ +# socket-bazel-adapter + +A vendor auxiliary adapter that wraps the [Socket CLI](https://docs.socket.dev/cli) for use within Bazel build environments. Drop the `socket-tool/` folder into any Bazel monorepo to run Socket security scans (standard or Tier-1 reachability analysis) against collected manifest and lockfiles. + +## What it does + +- Generates missing manifest files from orphaned lockfiles +- Collects manifest files into a `bazel-manifest-output/` directory +- Runs Socket security scans via Bazel targets (`socket_scan` or `t1_socket_scan`) + +## Quick start + +See [HOW-TO-use-socket-tool-in-Bazel.md](HOW-TO-use-socket-tool-in-Bazel.md) for setup, environment variables, and usage instructions. + +## Example + +Reference project: [monorepo-bazel-demo](https://github.com/socketdev-demo/monorepo-bazel-demo)