JFrog Curation protects your software supply chain by blocking malicious or risky open-source packages before they enter. The Job Summary lists the specific policy violations that caused each package to be blocked and provides recommendations for alternative, policy-compliant package versions.
Feature Limitation
To view insights in the GitHub Job Summary, you must:

- Include a step with the command jf curation audit.

      steps:
        - name: Run JFrog Curation Audit
          run: jf curation audit

- Use JFrog CLI commands (for example, jf pip install, jf maven install) instead of package manager commands.

      steps:
        - name: Install Python dependencies
          run: jf pip install -r requirements.txt
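One way to check a workflow file for both prerequisites before merging it, as an added example that is not JFrog's code or part of the original page. It goes beyond the pip case shown above by also flagging other package managers; the package manager list, the install verbs, the function names and the sample workflow are assumptions constructed for illustration.

```python
import re

# Assumed, illustrative lists (not from JFrog): extend for your ecosystems.
PKG_MANAGERS = {"pip", "pip3", "npm", "yarn", "mvn", "gradle"}
INSTALL_VERBS = {"install", "ci", "add"}

# Constructed sample workflow, not taken from a real repository.
SAMPLE = """\
jobs:
  build:
    steps:
      - name: Install Python dependencies
        run: pip install -r requirements.txt
      - run: |
          jf pip install -r requirements.txt
          npm ci && jf curation audit
"""

def run_commands(text):
    """Yield (line_no, shell_line) for each line under a `run:` key."""
    block_indent = None  # indent of the `run:` line that opened a block scalar
    for no, raw in enumerate(text.splitlines(), 1):
        indent = len(raw) - len(raw.lstrip())
        if block_indent is not None:
            if raw.strip() and indent <= block_indent:
                block_indent = None  # block scalar ended; parse this line normally
            else:
                if raw.strip():
                    yield no, raw.strip()
                continue
        m = re.match(r"\s*(?:-\s+)?run:\s*(.*)$", raw)
        if m:
            body = m.group(1).strip()
            if body in {"|", ">", "|-", ">-", "|+", ">+"}:
                block_indent = indent
            elif body:
                yield no, body

def check_workflow(text):
    """Return (has_curation_audit_step, [(line_no, bare_install_command)])."""
    has_audit, bare = False, []
    for no, line in run_commands(text):
        for cmd in re.split(r"&&|\|\||;", line):
            tok = cmd.split()
            if tok[:3] == ["jf", "curation", "audit"]:
                has_audit = True
            elif len(tok) > 1 and tok[0] in PKG_MANAGERS and tok[1] in INSTALL_VERBS:
                bare.append((no, cmd.strip()))
    return has_audit, bare
```

The check is a line-based heuristic: it does not see commands hidden behind wrappers such as sudo or inside scripts the workflow calls.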
To learn more, refer to Curation Overview and CLI for JFrog Curation.