Update frogbot-config.yml

asafcjfrog · web-flow · commit 71a147c1dcef · 2025-05-05T23:24:08.000+03:00
diff --git a/jfrog-applications/frogbot/templates/.frogbot/frogbot-config.yml b/jfrog-applications/frogbot/templates/.frogbot/frogbot-config.yml
@@ -1,113 +1,6 @@
-# The "params" section includes the configuration of a single Git repository that needs to be scanned.
-# For Azure Repos, Bitbucket Server and GitHub with JFrog Pipelines or Jenkins, you can define multiple "params" sections one after the other, for scanning multiple
-# Git repositories in the same organization.
-- params:
-    # Git parameters
-    git:
-      # [Mandatory]
-      # Name of the git repository to scan
-      repoName: repo-name
+**The JFrog Security documentation has a new home!**\
+You can now find it [here](https://jfrog.com/help/p/security-home), including sections on:
 
-      # [Mandatory]
-      # List of branches to scan
-      branches:
-        - master
-
-      # [Optional]
-      # Template for the branch name generated by Frogbot when creating pull requests with fixes.
-      # The template must include ${BRANCH_NAME_HASH}, to ensure that the generated branch name is unique.
-      # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables.
-      # branchNameTemplate: "frogbot-${IMPACTED_PACKAGE}-${BRANCH_NAME_HASH}"
-
-      # [Optional]
-      # Template for the commit message generated by Frogbot when creating pull requests with fixes
-      # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables.
-      # commitMessageTemplate: "Upgrade ${IMPACTED_PACKAGE} to ${FIX_VERSION}"
-
-      # [Optional]
-      # Template for the pull request title generated by Frogbot when creating pull requests with fixes.
-      # The template can optionally include the ${IMPACTED_PACKAGE} and ${FIX_VERSION} variables.
-      # pullRequestTitleTemplate: "[🐸 Frogbot] Upgrade ${IMPACTED_PACKAGE} to ${FIX_VERSION}"
-
-      # [Optional, Default: false]
-      # If true, Frogbot creates a single pull request with all the fixes.
-      # If false, Frogbot creates a separate pull request for each fix.
-      # aggregateFixes: false
-
-      # [Optional, Default: eco-system+frogbot@jfrog.com]
-      # Set the email of the commit author
-      # emailAuthor: ""
-
-    # Frogbot scanning parameters
-    scan:
-      # [Default: false]
-      # Frogbot displays all existing vulnerabilities, including the ones that were not added by the pull request
-      # includeAllVulnerabilities: true
-
-      # [Default: false]
-      # When adding new comments on pull requests, keep old comments that were added by previous scans.
-      # avoidPreviousPrCommentsDeletion: true
-
-      # [Default: true]
-      # Frogbot does not fail the task if security issues are found and this parameter is set to false
-      # failOnSecurityIssues: false
-
-      # [Default: false]
-      # Handle vulnerabilities with fix versions only
-      # fixableOnly: true
-
-      # [Optional]
-      # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
-      # The following values are accepted: Low, Medium, High or Critical
-      # minSeverity: ""
-
-      # [Optional]
-      # List of email addresses to receive emails about secrets that has been detected in a pull request scan.
-      # Applies only to servers that are entitled to JFrog Advanced Security.
-      # emailReceivers:
-      # - user@company.com
-
-      # List of subprojects / project dirs inside the Git repository
-      projects:
-      # [Mandatory if the two conditions below are met]
-      # 1. The project uses yarn 2, NuGet or .NET Core to download its dependencies
-      # 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
-      #
-      # The command that installs the project dependencies (e.g "nuget restore")
-      # - installCommand: ""
-
-      # [Default: root directory]
-      # List of relative path's to the projects directories in the git repository. If left empty (without providing "." yourself as the root directory's path), a recursive scan is triggered from the root directory of the project.
-      #   workingDirs:
-      #     - "."
-
-      # [Default: ["*.git*", "*node_modules*", "*target*", "*venv*", "*test*"]]
-      # List of exclusion patterns (utilizing wildcards) for excluding paths in the source code of the Git repository during SCA scans.
-      #   pathExclusions:
-      #     - "*node_modules*"
-      #     - "*target*"
-      #     - "*venv*"
-      #     - "*test*"
-
-      # [Mandatory for pip only if using requirements file, Default: pip install .]
-      # The requirements file name that is used to install dependencies in case of pip package manager
-      #   pipRequirementsFile: ""
-
-      # [Default: true]
-      # Use Gradle Wrapper (gradlew/gradlew.bat) to run Gradle
-      #   useWrapper: true
-
-      # [Optional]
-      # Name of a Virtual Repository in Artifactory to resolve (download) the project dependencies from
-      #   repository: ""
-
-    # JFrog Platform parameters
-    jfrogPlatform:
-    # [Optional]
-    # JFrog project key. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Projects)
-    # jfrogProjectKey: ""
-
-    # [Optional]
-    # Xray Watches. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches)
-    # watches:
-    #  - ""
+* [CLI](https://jfrog.com/help/r/jfrog-security-user-guide/developers/cli)
+* [Frogbot](https://jfrog.com/help/r/jfrog-security-user-guide/developers/frogbot)
+* [IDEs](https://jfrog.com/help/r/jfrog-security-user-guide/developers/ides)
