Skip to content
Snyk Open Source Scans

Update package-lock.json #21

Sign in to view logs

Update package-lock.json

Update package-lock.json #21

Workflow file for this run

.github/workflows/main.yml at 7011a8c
name: Snyk Open Source Scans
concurrency:
group: snyk-opensource-actions-${{ github.ref }}
cancel-in-progress: true
on:
merge_group:
types: [checks_requested]
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
jobs:
snyk-opensource-pipeline:
runs-on: ubuntu-latest
name: Snyk Open Source Diff Scan
env:
SNYK_TOKEN: ${{ secrets.SNYK_GH_ACTIONS_TOKEN }}
SNYK_ORG: ${{ vars.SNYK_ORG }}
steps:
# Step 1: Checkout base ref branch
- name: Checkout Base Branch
uses: actions/checkout@v4
with:
ref: ${{ github.base_ref }}
# Step 2: Setup Python (optional)
# Uncomment the following lines if required for specific configurations
# - name: Setup Python Environment
# uses: actions/setup-python@v5
# with:
# python-version: '3.10'
# - run: pip install -r requirements.txt # Uncomment if using requirements.txt
# Step 3: Download and Setup Node.js
- name: Setup Node.js Environment
uses: actions/setup-node@v4
with:
node-version: 20
# Step 4: Install Snyk CLI
- name: Install Snyk CLI
run: npm install --location=global snyk@latest
# Step 5: Install Snyk Delta
- name: Install snyk_delta
run: npm install --location=global snyk-delta@latest
# Step 6: Install snyk_delta_all_projects.sh
- name: Install snyk_delta_all_projects.sh
run: |
wget -O snyk_delta_all_projects.sh https://raw.githubusercontent.com/snyk-tech-services/snyk-delta/refs/heads/develop/snyk_delta_all_projects.sh
mv ./snyk_delta_all_projects.sh /usr/local/bin/
# Step 7: Install jq
- name: Install jq
run: npm install --location=global node-jq
# Step 8: Authenticate Snyk
- name: Authenticate with Snyk
run: snyk auth ${{ secrets.SNYK_GH_ACTIONS_TOKEN }}
# Step 9: Run Snyk Open Source Scan and Diff
- name: Run Snyk Delta Scan
run: /bin/bash snyk_delta_all_projects.sh --org=${{ vars.SNYK_ORG }} --remote-repo-url=${{ github.repository }} --setPassIfNoBaseline true -d
- name: Run Snyk Monitor Scan
run: snyk monitor --all-projects --org=${{ vars.SNYK_ORG }} --remote-repo-url=${{ github.repository }}
# Uncomment the following lines to enable Snyk Monitor with custom options
#- name: Run snyk monitor
# uses: snyk/actions/node@master
# with:
# command: monitor
# args: --all-projects --detection-depth=2 --org=${{ SNYK_ORG }} --severity=high