Skip to content
.NET Snyk Code analysis

Merge pull request #130 from sir-gon/renovate/aquasecurity-trivy-acti… #203

Sign in to view logs

Merge pull request #130 from sir-gon/renovate/aquasecurity-trivy-acti…

Merge pull request #130 from sir-gon/renovate/aquasecurity-trivy-acti… #203

Workflow file for this run

.github/workflows/snyk-code.yml at 23d1ad3
# yamllint disable rule:line-length
# This workflow will build a .NET project
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
# yamllint enable rule:line-length
---
name: .NET Snyk Code analysis
on: # yamllint disable-line rule:truthy
push:
pull_request:
workflow_dispatch:
jobs:
security:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- uses: actions/checkout@master
- uses: snyk/actions/setup@master
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Restore dependencies
run: dotnet restore algorithm_exercises_csharp.sln
- name: Run Snyk to check for vulnerabilities
continue-on-error: true # To make sure that SARIF upload gets called
run: >
snyk test
algorithm_exercises_csharp/
algorithm_exercises_csharp_base/
algorithm_exercises_csharp_test/
--sarif-file-output=snyk-code.sarif
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk-code.sarif