Snyk scan

lukegeor · May 17, 2024 · 1297eb2 · 1297eb2
1 parent ebb1e62
commit 1297eb2
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -35,13 +35,24 @@ jobs:
       - uses: actions/checkout@v3
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - name: Build, test, and analyze
+      - name: Build
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
         shell: bash
         run: |
           dotnet msbuild -restore ./InsecureProject.sln
           dotnet build ./InsecureProject.sln -m:1
+      - name: Snyk
+        uses: snyk/actions/dotnet@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --sarif-file-output=snyk.sarif
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk.sarif
     permissions:
       pull-requests: write
       contents: write
diff --git a/.idea/.idea.InsecureProject/.idea/material_theme_project_new.xml b/.idea/.idea.InsecureProject/.idea/material_theme_project_new.xml