This action runs snyk on clojure repo, using leningen to generate a pom.xml file
For the V2 action add the following secrets: TWINGATE_PUBLIC_REPO_KEY in public repos and TWINGATE_KEY private repos
This input is the secret snyk token
The organization in snyk to send results to
The project name in snyk
Set this if you want to group under different repository in Snyk.
If you just want to run snyk test and not snyk monitor you should set this input to true
If you set this value to true, when running snyk monitor the --target-reference argument will be set to the value of GITHUB_REF_NAME which is the branch or tag name that triggered the workflow run
This is the path to a .snyk file in your repository to pass to snyk while running snyk test. Information on the file format can be found here: https://docs.snyk.io/features/fixing-and-prioritizing-issues/policies/the-.snyk-file . It can be used to ignore vulnerabilities or remove false positives.
An comma separated list of vulnerable packages in the format <package_name>: <snyk_id>|<cve IDs>. Example:
foo: SNYK-JAVA-FOO-BLAH, com.fasterxml.jackson.dataformat:jackson-dataformat-cbor-2.9.0: SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329|CVE-2020-28491, bar: SNYK-JAVA-bar-00000
plasee see sample_workflow.yaml for a sample