Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/add snyk #200

Merged
merged 9 commits into from
Nov 16, 2022
Merged

Feature/add snyk #200

merged 9 commits into from
Nov 16, 2022

Conversation

chenchanglew
Copy link
Contributor

Snyk is a developer-friendly security platform for anyone responsible for securing code.
I added a snyk workflow to let developer notice if there have imported some vulnerable code.
But I set with the flag continue-on-error because some of the vulnerabilities can be ignored

ref: https://snyk.io/

@chenchanglew chenchanglew requested a review from a team as a code owner October 29, 2022 12:38
@CLAassistant
Copy link

CLAassistant commented Oct 29, 2022
edited
Loading

CLA assistant check
All committers have signed the CLA.

@coveralls
Copy link

coveralls commented Oct 29, 2022
edited
Loading

Pull Request Test Coverage Report for Build 3351458228

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 64.021%
Totals Coverage Status
Change from base Build 3320078377: 0.0%
Covered Lines: 3194
Relevant Lines: 4989
💛 - Coveralls

@pierluca
Copy link
Contributor

pierluca commented Nov 3, 2022

@Flamewind97 please rebase and set the correct email for all the commits, so as to make the CLA assistant happy :-)

pierluca
pierluca previously approved these changes Nov 14, 2022
View reviewed changes
pierluca
pierluca reviewed Nov 14, 2022
View reviewed changes
.github/workflows/snyk-container.yml Outdated
# issues, monitor images for newly disclosed vulnerabilities in Snyk and
# fail PR checks for new vulnerabilities, see https://github.com/snyk/actions/

name: Example workflow using Snyk
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe you want to rename this though?

@sonarcloud
Copy link

sonarcloud bot commented Nov 16, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

pierluca
pierluca approved these changes Nov 16, 2022
View reviewed changes
Copy link
Contributor

@pierluca pierluca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks !

@pierluca pierluca merged commit 563b903 into main Nov 16, 2022
@pierluca pierluca deleted the feature/add-snyk branch November 16, 2022 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pierluca pierluca pierluca approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@chenchanglew @CLAassistant @coveralls @pierluca