This Github Action gives the statistics of different kinds of vulnerabilities. Use this action to add a Job Summary in GitHub Workflows.
To use this action, you will need to have a Snyk account and an API token. If you haven't already done so, sign up for a free Snyk account, then generate an API token.
To use this action in your project, add the following to your GitHub Actions workflow:
...
- name: Run Snyk to check for vulnerabilities in dependencies
uses: snyk/actions/gradle-jdk11@master # See https://github.com/snyk/actions for other supported build tools/languages
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: test --all-projects --json-file-output=snyk_dependencies.json
- name: Run Snyk to check for vulnerabilities in code
uses: snyk/actions/gradle-jdk11@master # See https://github.com/snyk/actions for other supported build tools/languages
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: code test --all-projects --json-file-output=snyk_code.json
- name: Add Job Summary from Snyk reports
uses: medly/snyk-job-summary-action@v1
with:
dependencies-report-path: snyk_dependencies.json # The file name of json file which is generated on snyk test
code-report-path: snyk_code.json # The file name of json file which is generated on snyk code testThis action performs the following steps:
- Runs a Snyk test to check for vulnerabilities in dependencies
- Runs a Snyk test to check for vulnerabilities in code
- Generates JSON files for both dependencies and code tests
- Adds a job summary with the results of the Snyk tests
Note that this action is set to continue on error, so your workflow will not fail even if vulnerabilities are found.
SNYK_TOKEN: Your Snyk API token. This should be stored as a GitHub secret.
We welcome contributions to this GitHub Action! To contribute, please create a pull request with your proposed changes.
This GitHub Action is licensed under the MIT License.