From cd0294a6bee2af19716e5556f22b750adff01792 Mon Sep 17 00:00:00 2001 From: gracewingo <124396757+grace-wingo@users.noreply.github.com> Date: Sat, 5 Oct 2024 10:25:43 -0400 Subject: [PATCH 1/5] Create github-actions-snyk.yml --- .github/workflows/github-actions-snyk.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/workflows/github-actions-snyk.yml diff --git a/.github/workflows/github-actions-snyk.yml b/.github/workflows/github-actions-snyk.yml new file mode 100644 index 0000000000..ad2246eb88 --- /dev/null +++ b/.github/workflows/github-actions-snyk.yml @@ -0,0 +1,11 @@ +name: Snyk Demo +on: push +jobs: + security: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/node@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} From ef1c9312f883a2b2d32febcea96d6ad18b8e7fcd Mon Sep 17 00:00:00 2001 From: gracewingo <124396757+grace-wingo@users.noreply.github.com> Date: Sat, 5 Oct 2024 12:12:05 -0400 Subject: [PATCH 2/5] Delete .github/workflows/github-actions-snyk.yml --- .github/workflows/github-actions-snyk.yml | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 .github/workflows/github-actions-snyk.yml diff --git a/.github/workflows/github-actions-snyk.yml b/.github/workflows/github-actions-snyk.yml deleted file mode 100644 index ad2246eb88..0000000000 --- a/.github/workflows/github-actions-snyk.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: Snyk Demo -on: push -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/node@master - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} From 062f14bee3d6f40983dc723811ef57e72b4e098a Mon Sep 17 00:00:00 2001 From: grace_wingo Date: Sat, 5 Oct 2024 12:15:52 -0400 Subject: [PATCH 3/5] udpate sarf.json --- .github/workflows/snyk-code.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-code.yml b/.github/workflows/snyk-code.yml index 6acfa140db..271baab00b 100644 --- a/.github/workflows/snyk-code.yml +++ b/.github/workflows/snyk-code.yml @@ -14,4 +14,4 @@ jobs: - name: Upload SARIF file uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: snyk-sarif2.json + sarif_file: sarif.json From 8140dca1aee6e12f18f428cca1efb02de7669cff Mon Sep 17 00:00:00 2001 From: grace_wingo Date: Sat, 5 Oct 2024 13:04:44 -0400 Subject: [PATCH 4/5] add github action --- .github/workflows/snyk-code-manual.yml | 1 - .github/workflows/snyk-vulnerabilities.yml | 11 +++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/snyk-vulnerabilities.yml diff --git a/.github/workflows/snyk-code-manual.yml b/.github/workflows/snyk-code-manual.yml index 0cb48af11c..411f41c040 100644 --- a/.github/workflows/snyk-code-manual.yml +++ b/.github/workflows/snyk-code-manual.yml @@ -13,4 +13,3 @@ jobs: uses: github/codeql-action/upload-sarif@v2 with: sarif_file: sarif.json - # sarif_file: example111.json diff --git a/.github/workflows/snyk-vulnerabilities.yml b/.github/workflows/snyk-vulnerabilities.yml new file mode 100644 index 0000000000..4c6ed980e6 --- /dev/null +++ b/.github/workflows/snyk-vulnerabilities.yml @@ -0,0 +1,11 @@ +name: Snyk demo +on: push +jobs: + security: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/node@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} \ No newline at end of file From 2810f3fa9a72d8a744cbb7af8c31d9c53fd5e640 Mon Sep 17 00:00:00 2001 From: grace_wingo Date: Sun, 6 Oct 2024 11:42:47 -0400 Subject: [PATCH 5/5] remove gh action --- .github/workflows/snyk-vulnerabilities.yml | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 .github/workflows/snyk-vulnerabilities.yml diff --git a/.github/workflows/snyk-vulnerabilities.yml b/.github/workflows/snyk-vulnerabilities.yml deleted file mode 100644 index 4c6ed980e6..0000000000 --- a/.github/workflows/snyk-vulnerabilities.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: Snyk demo -on: push -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/node@master - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} \ No newline at end of file