I tried it on my repository. I think it picks the right action up but the result is the same. Have to dig a bit more I guess:

@erhan- you would need to run with @patch-1 as the version. (e.g. erhan-/scan-action@patch-1)

@erhan- I had a slightly different thing in mind (the same idea, just not modifying the process.env) -- I've also added a test, would you mind if I push these changes here?

Please push and change however you think is best. It works now.

Also: it looks like you'll need to sign-off the commits, would you be able to do this?

Also: I'm looking in to these test failures, I'm pretty sure they are unrelated to this change...

@erhan- could you verify the current state of this PR is still working for you? If so, I can probably get this rebased, merged, and released for you.

(Also it would be good to know if HTTPS_PROXY works vs. the lowercase https_proxy)

Sorry, I never added a sign-off commit before. I hereby also confirm that the code si for your project and I dont claim any rights.

I cant that test unfortunately if upper and lowercase work at the moment but I think I read something that we should use the lowercase one. It works and is the first time I got any results. Thanks for your help!