Added git_repo_url, fix axios vulnerability, IaC support fail build on error

Author: veraakarthikbharadwaj

.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml

@@ -119,7 +119,7 @@ jobs:
       - name: Veracode Pipeline-Scan
         if: always()
         id: pipeline-scan
-        uses: veracode/[email protected].17
+        uses: veracode/[email protected].18
         with:
           vid: ${{ secrets.VERACODE_API_ID }}
           vkey: ${{ secrets.VERACODE_API_KEY }}

.github/workflows/binary-ready-veracode-sast-policy-scan.yml

@@ -73,7 +73,7 @@ jobs:
           path: ./veracode_artifact_directory
 
       - name: Veracode Upload and Scan Action Step
-        uses: veracode/[email protected].6
+        uses: veracode/[email protected].7
         id: upload_and_scan
         with:
           vid: '${{ secrets.VERACODE_API_ID }}'

.github/workflows/binary-ready-veracode-sast-sandbox-scan.yml

@@ -26,7 +26,7 @@ jobs:
 
       - name: Veracode Upload and Scan Action Step
         id: upload_and_scan
-        uses: veracode/[email protected].6
+        uses: veracode/[email protected].7
         with:
           appname: ${{ github.event.client_payload.user_config.profile_name }}
           createprofile: true

.github/workflows/veracode-iac-secrets-scan.yml

@@ -52,7 +52,7 @@ jobs:
           ref: ${{ github.event.client_payload.sha }}
           token: ${{ github.event.client_payload.token }}
       - name: Run Veracode IaC/Secrets Scanning
-        uses: veracode/[email protected].3
+        uses: veracode/[email protected].4
         with:
             vid: ${{ secrets.VERACODE_API_ID }}
             vkey: ${{ secrets.VERACODE_API_KEY }}
@@ -62,3 +62,4 @@ jobs:
             format: "json"
             debug: false
             fail_build: ${{ github.event.client_payload.user_config.break_build_policy_findings }}
+            fail_build_on_error: ${{ github.event.client_payload.user_config.break_build_on_error }}

.github/workflows/veracode-pipeline-scan.yml

@@ -104,7 +104,7 @@ jobs:
       - name: Veracode Pipeline-Scan
         if: always()
         id: pipeline-scan
-        uses: veracode/[email protected].17
+        uses: veracode/[email protected].18
         with:
           vid: ${{ secrets.VERACODE_API_ID }}
           vkey: ${{ secrets.VERACODE_API_KEY }}

.github/workflows/veracode-policy-scan.yml

@@ -74,7 +74,7 @@ jobs:
 
       # run the policy scan action
       - name: Veracode Upload and Scan Action Step
-        uses: veracode/[email protected].6
+        uses: veracode/[email protected].7
         id: upload_and_scan
         with:
           appname: ${{ inputs.profile_name }}
@@ -88,6 +88,7 @@ jobs:
           scantimeout: 30
           # include: ${{ inputs.modules_to_scan }}
           failbuild: ${{ inputs.break_build_policy_findings }}
+          gitRepositoryUrl: ${{ github.server_url }}/${{ inputs.source_repository }}
 
       - name: Veracode Policy Results
         id: prepare-results

.github/workflows/veracode-sandbox-scan.yml

@@ -52,7 +52,7 @@ jobs:
 
       # run the policy scan action
       - name: Veracode Upload and Scan Action Step
-        uses: veracode/[email protected].6
+        uses: veracode/[email protected].7
         id: upload_and_scan
         with:
           appname: ${{ github.event.client_payload.user_config.profile_name }}
@@ -65,3 +65,4 @@ jobs:
           createsandbox: true
           sandboxname: GitHub App Scans-${{ github.event.client_payload.repository.branch }}
           failbuild: ${{ github.event.client_payload.user_config.break_build_policy_findings }}
+          gitRepositoryUrl: ${{ github.server_url }}/${{ github.event.client_payload.repository.full_name }}