@@ -19,51 +19,42 @@ jobs:
1919 - name : Run tests
2020 run : pytest tests/
2121
22- stupid_snyk :
22+ # stupid_snyk:
23+ # runs-on: ubuntu-latest
24+ # steps:
25+ # - uses: actions/checkout@main
26+ # - name: Run Snyk to check for vulnerabilities
27+ # uses: snyk/actions/python@master
28+ # with:
29+ # args: --file=requirements.txt
30+ # env:
31+ # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
32+
33+ # Run snyk code scanning for vulnerabilities
34+ snyk_scan :
35+ permissions :
36+ contents : read
37+ security-events : write
38+ actions : read
2339 runs-on : ubuntu-latest
2440 steps :
25- - uses : actions/checkout@master
26- - uses : snyk/actions/setup@master
27- - uses : actions/setup-python@master
41+ - name : Checkout code
42+ uses : actions/checkout@v4
2843
44+ - name : Installing Snyk
45+ run : |
46+ npm install -g snyk
47+ snyk auth ${SNYK_TOKEN}
48+
2949 - name : Install dependencies
3050 run : |
3151 pip install -r requirements.txt
3252 python -m pip install --upgrade pip
3353
34- - name : Authenticate with Snyk
35- run : snyk auth ${{ secrets.SNYK_TOKEN }}
36-
37- - name : Snyk test
38- run : snyk test
39- env :
40- SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
41-
42- # Run snyk code scanning for vulnerabilities
43- # snyk_scan:
44- # permissions:
45- # contents: read
46- # security-events: write
47- # actions: read
48- # runs-on: ubuntu-latest
49- # steps:
50- # - name: Checkout code
51- # uses: actions/checkout@v4
52-
53- # - name: Installing Snyk
54- # run: |
55- # npm install -g snyk
56- # snyk auth ${SNYK_TOKEN}
57-
58- # - name: Install dependencies
59- # run: |
60- # pip install -r requirements.txt
61- # python -m pip install --upgrade pip
62-
63- # - name: Snyk Code test
64- # run: |
65- # snyk code test --sarif > snyk-cide.sarif
66- # synk test --sarif > snyk-test.sarif
54+ - name : Snyk Code test
55+ run : |
56+ snyk code test --sarif > snyk-cide.sarif
57+ synk test --sarif > snyk-test.sarif
6758
6859 # Scan the contianer and lists all security vulnerabilities
6960 trivy_scans :
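Review bot: The re-enabled `snyk_scan` job runs `snyk auth ${SNYK_TOKEN}` in its "Installing Snyk" step, but nothing visible in this hunk puts `SNYK_TOKEN` into that step's environment, so unless a workflow-level `env:` outside the hunk defines it, the variable expands to an empty string and authentication fails. Adding `env:` with `SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}` to the steps that call the CLI fixes this and keeps the secret out of the command line. In the "Snyk Code test" step `synk test` is a typo for `snyk test`, and since `snyk code test` exits non-zero when it reports findings, the default fail-fast shell may end the step before the second scan runs. The job is granted `security-events: write`, yet no step in the hunk uploads `snyk-cide.sarif` (presumably meant to be `snyk-code.sarif`) or `snyk-test.sarif`, so either add a SARIF upload step after the scan or drop that permission. `npm install -g snyk` is also unpinned; a fixed version would keep the scanner itself reproducible.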