Skip to content
This repository has been archived by the owner on Oct 3, 2024. It is now read-only.

Snyk

Snyk #148

Workflow file for this run

name: Snyk
on:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
schedule:
- cron: '31 10 * * 0'
permissions:
contents: read
jobs:
snyk:
name: Snyk
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.snyk.io:443
github.com:443
proxy.golang.org:443
- uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/golang@8349f9043a8b7f0f3ee8885bf28f0b388d2446e8
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif