Light

oslatt / snyk-clojure-action Goto Github PK

View Code? Open in Web Editor NEW

This project forked from puppetlabs/security-snyk-clojure-action

0.0 0.0 0.0 58 KB

License: Apache License 2.0

Python 84.36% Makefile 12.01% Dockerfile 3.63%

snyk-clojure-action's Introduction

security-snyk-clojure-action

This action runs snyk on clojure repo, using leningen to generate a pom.xml file

For the V2 action add the following secrets: TWINGATE_PUBLIC_REPO_KEY in public repos and TWINGATE_KEY private repos

Inputs

snykToken (required)

This input is the secret snyk token

snykOrg (not required)

The organization in snyk to send results to

snykProject (not required)

The project name in snyk

snykRepo (not required)

Set this if you want to group under different repository in Snyk.

noMonitor (not required)

If you just want to run snyk test and not snyk monitor you should set this input to true

snykTargetRef (not required - default: false)

If you set this value to true, when running snyk monitor the --target-reference argument will be set to the value of GITHUB_REF_NAME which is the branch or tag name that triggered the workflow run

snykPolicy (not required)

This is the path to a .snyk file in your repository to pass to snyk while running snyk test. Information on the file format can be found here: https://docs.snyk.io/features/fixing-and-prioritizing-issues/policies/the-.snyk-file . It can be used to ignore vulnerabilities or remove false positives.

Outputs

vulns

An comma separated list of vulnerable packages in the format <package_name>: <snyk_id>|<cve IDs>. Example:

foo: SNYK-JAVA-FOO-BLAH, com.fasterxml.jackson.dataformat:jackson-dataformat-cbor-2.9.0: SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329|CVE-2020-28491, bar: SNYK-JAVA-bar-00000

Example usage

plasee see sample_workflow.yaml for a sample

snyk-clojure-action's People

Contributors

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.