Skip to content
Software Composition Analysis

Fix: README #6

Sign in to view logs

Fix: README

Fix: README #6

Workflow file for this run

.github/workflows/sca.yml at 7759ee6
name: Software Composition Analysis
on:
push:
branches: ["main" ]
pull_request:
branches: ["main"]
jobs:
sca:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: '3.12'
- run: pip install -r requirements.txt
############## Version 1 ##############
- uses: snyk/actions/setup@master
- name: Run Snyk to check for vulnerabilities
run: snyk test --print-deps --sarif-file-output=snyk.sarif
continue-on-error: true # To make sure that SARIF upload gets called
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif
permissions:
security-events: write
#######################################