Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Snyk/vuln code #981

Closed
wants to merge 9 commits into from
Closed

Snyk/vuln code #981

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
6de8ae6
ignoring idea files
Dec 8, 2020
489f8f3
sca-sarif.yml
rharp Feb 9, 2021
a5129a0
Update main.yml
rharp Feb 9, 2021
c9393bc
Update main.yml
rharp Feb 9, 2021
23e744c
Update main.yml
rharp Feb 9, 2021
97b91df
Delete .github directory
rharp Feb 9, 2021
00d27eb
Creating action for snyk scans
rharp Mar 2, 2021
423b3ea
updating snyk scan
rharp Mar 2, 2021
6ae79a1
commiting vulnerable code
Aug 2, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
updating snyk scan
  • Loading branch information
@rharp
rharp authored Mar 2, 2021
commit 423b3eadd1a665bd86d0b7a032e296d398616e7a
10 changes: 7 additions & 3 deletions .github/workflows/snyk.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,17 @@
name: Example workflow for Node using Snyk
on: push
jobs:
security:
snyk:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/checkout@v2
- name: Run Snyk to check for vulnerabilities
continue-on-error: true
uses: snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high
file: .
- uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: snyk.sarif