Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Snyk PR demo #184

Open
wants to merge 40 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
00ccd6b
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Nov 29, 2023
94b6a68
Merge pull request #62 from wmporrassnyk/snyk-fix-a34ad352fde07302d00…
wmporrassnyk Nov 29, 2023
c673469
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Dec 6, 2023
955dc09
Merge pull request #73 from wmporrassnyk/snyk-fix-908f9cc197e35e1d490…
wmporrassnyk Dec 6, 2023
ea5d6d6
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Dec 7, 2023
166d6d5
Merge pull request #75 from wmporrassnyk/snyk-fix-763169909c8d77eb518…
wmporrassnyk Dec 7, 2023
414d579
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Dec 11, 2023
fc59cd8
Merge pull request #76 from wmporrassnyk/snyk-fix-a1f037c43fe17d2019b…
wmporrassnyk Dec 11, 2023
da9724f
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Dec 13, 2023
976607e
Merge pull request #77 from wmporrassnyk/snyk-fix-0d355dd5ff1007f779d…
wmporrassnyk Dec 13, 2023
12a1f19
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Jan 8, 2024
53c94ff
Merge pull request #87 from wmporrassnyk/snyk-fix-7e94e3e5f84d686a34a…
wmporrassnyk Jan 8, 2024
6ccf096
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Jan 9, 2024
fb0736b
Merge pull request #88 from wmporrassnyk/snyk-fix-015701b44d62efc7185…
wmporrassnyk Jan 9, 2024
c9c1939
fix: frontend/package.json & frontend/package-lock.json to reduce vul…
snyk-bot Jan 23, 2024
03dd985
Merge pull request #90 from wmporrassnyk/snyk-fix-ceedff3b40ea1851999…
wmporrassnyk Jan 23, 2024
dd143c0
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Jan 24, 2024
b587219
Merge pull request #92 from wmporrassnyk/snyk-fix-f74a965e305fce8f89c…
wmporrassnyk Jan 24, 2024
28fb49d
fix: Dockerfile to reduce vulnerabilities
snyk-bot Jan 24, 2024
41cda49
Merge pull request #95 from wmporrassnyk/snyk-fix-15e2602d9f059d5f143…
wmporrassnyk Jan 24, 2024
c19cb99
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Feb 23, 2024
9d8e8d4
Create main.yml
wmporrassnyk Feb 28, 2024
2e46010
Merge pull request #99 from wmporrassnyk/snyk-fix-e933255e03ded083283…
wmporrassnyk Mar 5, 2024
f7f5b5e
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Mar 5, 2024
adca606
Merge pull request #100 from wmporrassnyk/snyk-fix-49704ab5c2e276b74d…
wmporrassnyk Mar 5, 2024
5bfa509
fix: frontend/package.json to reduce vulnerabilities
snyk-bot Apr 5, 2024
e4bb85b
Merge pull request #104 from wmporrassnyk/snyk-fix-5353491209559f7a72…
wmporrassnyk Apr 11, 2024
ca349a9
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Apr 18, 2024
61b4626
Merge pull request #106 from wmporrassnyk/snyk-fix-724dc4105140c1895d…
wmporrassnyk Apr 18, 2024
5c8225b
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Apr 18, 2024
3339daa
Merge pull request #107 from wmporrassnyk/snyk-fix-3c400f3d9a0d1f9266…
wmporrassnyk Apr 18, 2024
45feabc
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot Apr 24, 2024
8aa825b
Merge pull request #110 from wmporrassnyk/snyk-fix-ee1205932d29e49e89…
wmporrassnyk Apr 24, 2024
d9ebc8c
fix: upgrade semver from 7.3.5 to 7.6.0
snyk-bot Apr 26, 2024
40564a1
Merge pull request #115 from wmporrassnyk/snyk-upgrade-566e6ac3e65bb4…
wmporrassnyk May 2, 2024
846b570
fix: package.json & package-lock.json to reduce vulnerabilities
snyk-bot May 14, 2024
562c684
Merge pull request #119 from wmporrassnyk/snyk-fix-ee8b01f14fb25736c0…
wmporrassnyk May 14, 2024
e4aaadb
Create npm-grunt.yml
wmporrassnyk Aug 20, 2024
12a754c
Create Snyk build
wmporrassnyk Aug 20, 2024
db9bcba
Update npm-grunt.yml
wmporrassnyk Aug 20, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions .github/workflows/Snyk build
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
name: SNYK
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]

jobs:
build:
name: Test and build
environment: snyk-npm
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [v22.6.0]

# See supported Node.js release schedule at https://nodejs.org/en/about/releases/

steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{v22.6.0}}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'

- name: Setup Snyk + snyk-to-html # For information about the required commands for generating an HTML report see https://github.com/snyk/snyk-to-html
run: |
npm install snyk -g
npm install snyk-to-html -g
snyk auth ${{secrets.SNYK_AUTH}}

- name: Snyk Open Source # For testing and failing please add snyk test before snyk monitor
run: |
snyk monitor
# For a list of additional available flags/options see: https://docs.snyk.io/snyk-cli/commands

- name: Snyk Code # Remove || true to fail if there are vulnerabilities
run: |
snyk code test || true
- name: Snyk Container # Rename your image, for testing and failing please add snyk container test before snyk container monitor
run: |
docker build . -t yourimage:tag
snyk container monitor yourimage:tag --file=Dockerfile
- name: Snyk IaC # Remove || true to fail if there are vulnerabilities
run: |
snyk iac test || true
12 changes: 12 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
- name: Snyk
# You may pin to the exact commit or the version.
# uses: snyk/actions@b98d498629f1c368650224d6d212bf7dfa89e4bf
uses: snyk/[email protected]
with:
# Which Snyk command to run, defaults to test
command: # optional, default is test
# Additional arguments to pass to Snyk
args: # optional
# Output a snyk.json file with results if running the test command
json: # optional

28 changes: 28 additions & 0 deletions .github/workflows/npm-grunt.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: NodeJS with Grunt

on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]

jobs:
build:
runs-on: ubuntu-latest

strategy:
matrix:
node-version: [18.x, 20.x, 22.x]

steps:
- uses: actions/checkout@v4

- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}

- name: Build
run: |
npm install
grunt
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM node:12.18.4-buster
FROM node:21.5.0-slim

RUN apt-get -y update && apt-get -y install ca-certificates apt-transport-https

Expand Down
Loading