This repository has been archived by the owner on Jan 9, 2024. It is now read-only.
Vulnerabilities scanning of dependencies #746
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Vulnerabilities scanning of dependencies | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 5 * * 4' | |
| jobs: | |
| Vulnerability_scanning: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Check if gradle project | |
| run: echo "IS_GRADLE_PROJECT=$([[ -f ./build.gradle || -f ./build.gradle.kts ]] && echo 'true' || echo 'false')" >> $GITHUB_ENV | |
| - name: Run Snyk for gradle to check for vulnerabilities | |
| if: env.IS_GRADLE_PROJECT == 'true' | |
| uses: snyk/actions/gradle-jdk14@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| command: monitor | |
| args: --org=min-side --configuration-attributes=usage:java-runtime --project-name=${{ github.repository }} --remote-repo-url=https://github.com/${{ github.repository }}.git | |
| - name: Check if node project | |
| run: echo "IS_NODE_PROJECT=$([[ -f ./package.json ]] && echo 'true' || echo 'false')" >> $GITHUB_ENV | |
| - name: Run Snyk for node to check for vulnerabilities | |
| if: env.IS_NODE_PROJECT == 'true' | |
| uses: snyk/actions/node@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| command: monitor | |
| args: --org=min-side --configuration-attributes=usage:java-runtime --project-name=${{ github.repository }} --remote-repo-url=https://github.com/${{ github.repository }}.git |