TLMSLLC · Copilot · Dec 9, 2025 · Dec 9, 2025 · Copilot · Mar 1, 2026
diff --git a/.github/workflows/synopsys-io.yml b/.github/workflows/synopsys-io.yml
@@ -43,9 +43,10 @@ jobs:
     - name: Static Analysis with Polaris
       if: ${{steps.prescription.outputs.sastScan == 'true' }}
       run: |
-          export POLARIS_SERVER_URL=${{ secrets.POLARIS_SERVER_URL}}
-          export POLARIS_ACCESS_TOKEN=${{ secrets.POLARIS_ACCESS_TOKEN}}
-          wget -q ${{ secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
+          set -e
-          set -e
-          set -e
+          export POLARIS_SERVER_URL=${{secrets.POLARIS_SERVER_URL}}
+          export POLARIS_ACCESS_TOKEN=${{secrets.POLARIS_ACCESS_TOKEN}}
+          wget -q ${{secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
-          export POLARIS_SERVER_URL=${{secrets.POLARIS_SERVER_URL}}
-          export POLARIS_ACCESS_TOKEN=${{secrets.POLARIS_ACCESS_TOKEN}}
-          wget -q ${{secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
+          export POLARIS_SERVER_URL="${{secrets.POLARIS_SERVER_URL}}"
+          export POLARIS_ACCESS_TOKEN="${{secrets.POLARIS_ACCESS_TOKEN}}"
+          wget -q "${POLARIS_SERVER_URL}/api/tools/polaris_cli-linux64.zip"
-          export POLARIS_SERVER_URL=${{secrets.POLARIS_SERVER_URL}}
-          export POLARIS_ACCESS_TOKEN=${{secrets.POLARIS_ACCESS_TOKEN}}
-          wget -q ${{secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
+          export POLARIS_SERVER_URL="${{secrets.POLARIS_SERVER_URL}}"
+          export POLARIS_ACCESS_TOKEN="${{secrets.POLARIS_ACCESS_TOKEN}}"
+          wget -q "${POLARIS_SERVER_URL}/api/tools/polaris_cli-linux64.zip"
           unzip -j polaris_cli-linux64.zip -d /tmp
           /tmp/polaris analyze -w
 
@@ -55,7 +56,7 @@ jobs:
       if: ${{steps.prescription.outputs.scaScan == 'true' }}
       uses: blackducksoftware/github-action@9ea442b34409737f64743781e9adc71fd8e17d38
       with:
-         args: '--blackduck.url="${{ secrets.BLACKDUCK_URL}}" --blackduck.api.token="${{ secrets.BLACKDUCK_TOKEN}}" --detect.tools="SIGNATURE_SCAN,DETECTOR"'
+         args: '--blackduck.url="${{secrets.BLACKDUCK_URL}}" --blackduck.api.token="${{secrets.BLACKDUCK_TOKEN}}" --detect.tools="SIGNATURE_SCAN,DETECTOR"'
 
     - name: Synopsys Intelligent Security Scan
       if: ${{ steps.prescription.outputs.sastScan == 'true' || steps.prescription.outputs.scaScan == 'true' }}
@@ -64,9 +65,10 @@ jobs:
         ioServerUrl: ${{secrets.IO_SERVER_URL}}
         ioServerToken: ${{secrets.IO_SERVER_TOKEN}}
         workflowServerUrl: ${{secrets.WORKFLOW_SERVER_URL}}
-        additionalWorkflowArgs: --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
-                --polaris.project.name={{PROJECT_NAME}} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
-                --blackduck.project.name={{PROJECT_NAME}}:{{PROJECT_VERSION}} --blackduck.url=${{secrets.BLACKDUCK_URL}} --blackduck.api.token=${{secrets.BLACKDUCK_TOKEN}}
+        additionalWorkflowArgs: >-
+          --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
+          --polaris.project.name=${{ github.event.repository.name }} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
+          --blackduck.project.name=${{ github.event.repository.name }}:${{ github.ref_name }} --blackduck.url=${{secrets.BLACKDUCK_URL}} --blackduck.api.token=${{secrets.BLACKDUCK_TOKEN}}
         stage: "WORKFLOW"
 
     - name: Upload SARIF file