
Commit ccbab45

Widcketgrdsdev
authored andcommitted
Add Snyk workflow to GH actions (#237)
1 parent cb39e59 commit ccbab45


2 files changed

+94
-48
lines changed


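--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -0,0 +1,40 @@
+name: Snyk
+
+on:
+merge_group:
+workflow_dispatch:
+pull_request:
+types:
+- opened
+- synchronize
+push:
+branches:
+- main
+schedule:
+- cron: '30 0 1,15 * *'
+
+permissions:
+contents: read
+
+concurrency:
+group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
+
+jobs:
+
+check:
+
+name: Check for Vulnerabilities
+runs-on: ubuntu-latest
+
+steps:
+- if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
+run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
+
+- uses: actions/checkout@v4
+with:
+ref: ${{ github.event.pull_request.head.sha || github.ref }}
+
+- uses: snyk/actions/ruby@b98d498629f1c368650224d6d212bf7dfa89e4bf # [email protected]
+env:
+SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}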
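Review bot: The first step's `run: exit 0` only ends that one step, so for Dependabot and merge-queue runs the checkout and Snyk steps below it still execute, contrary to what the inline comment says. Dependabot-triggered runs normally do not receive the repository's Actions secrets, so `SNYK_TOKEN` would likely be empty there and this required check could fail rather than be flagged successful. Consider putting `if: github.actor != 'dependabot[bot]' && github.event_name != 'merge_group'` on both the checkout step and the Snyk step. Separately, `actions/checkout@v4` is a mutable tag while the Snyk action is pinned to a full commit SHA; pinning checkout the same way (`actions/checkout@<full-commit-sha> # v4`) would keep the supply-chain posture consistent.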

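--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -5,8 +5,9 @@ GEM
 base64
 nkf
 rexml
-activesupport (7.2.1)
+activesupport (7.2.2.1)
 base64
+benchmark (>= 0.3)
 bigdecimal
 concurrent-ruby (~> 1.0, >= 1.3.1)
 connection_pool (>= 2.2.5)
@@ -24,30 +25,31 @@ GEM
 artifactory (3.0.17)
 atomos (0.1.3)
 aws-eventstream (1.3.0)
-aws-partitions (1.975.0)
-aws-sdk-core (3.205.0)
+aws-partitions (1.1042.0)
+aws-sdk-core (3.216.1)
 aws-eventstream (~> 1, >= 1.3.0)
-aws-partitions (~> 1, >= 1.651.0)
+aws-partitions (~> 1, >= 1.992.0)
 aws-sigv4 (~> 1.9)
 jmespath (~> 1, >= 1.6.1)
-aws-sdk-kms (1.91.0)
-aws-sdk-core (~> 3, >= 3.205.0)
+aws-sdk-kms (1.97.0)
+aws-sdk-core (~> 3, >= 3.216.0)
 aws-sigv4 (~> 1.5)
-aws-sdk-s3 (1.162.0)
-aws-sdk-core (~> 3, >= 3.205.0)
+aws-sdk-s3 (1.178.0)
+aws-sdk-core (~> 3, >= 3.216.0)
 aws-sdk-kms (~> 1)
 aws-sigv4 (~> 1.5)
-aws-sigv4 (1.9.1)
+aws-sigv4 (1.11.0)
 aws-eventstream (~> 1, >= 1.0.2)
 babosa (1.0.4)
 base64 (0.2.0)
-bigdecimal (3.1.8)
+benchmark (0.4.0)
+bigdecimal (3.1.9)
 claide (1.1.0)
 clamp (1.3.2)
-cocoapods (1.15.2)
+cocoapods (1.16.2)
 addressable (~> 2.8)
 claide (>= 1.0.2, < 2.0)
-cocoapods-core (= 1.15.2)
+cocoapods-core (= 1.16.2)
 cocoapods-deintegrate (>= 1.0.3, < 2.0)
 cocoapods-downloader (>= 2.1, < 3.0)
 cocoapods-plugins (>= 1.0.0, < 2.0)
@@ -61,8 +63,8 @@ GEM
 molinillo (~> 0.8.0)
 nap (~> 1.0)
 ruby-macho (>= 2.3.0, < 3.0)
-xcodeproj (>= 1.23.0, < 2.0)
-cocoapods-core (1.15.2)
+xcodeproj (>= 1.27.0, < 2.0)
+cocoapods-core (1.16.2)
 activesupport (>= 5.0, < 8)
 addressable (~> 2.8)
 algoliasearch (~> 1.0)
@@ -85,8 +87,8 @@ GEM
 colored2 (3.1.2)
 commander (4.6.0)
 highline (~> 2.0.0)
-concurrent-ruby (1.3.4)
-connection_pool (2.4.1)
+concurrent-ruby (1.3.5)
+connection_pool (2.5.0)
 declarative (0.0.20)
 digest-crc (0.6.5)
 rake (>= 12.0.0, < 14.0.0)
@@ -97,8 +99,8 @@ GEM
 escape (0.0.4)
 ethon (0.16.0)
 ffi (>= 1.15.0)
-excon (0.111.0)
-faraday (1.10.3)
+excon (0.112.0)
+faraday (1.10.4)
 faraday-em_http (~> 1.0)
 faraday-em_synchrony (~> 1.0)
 faraday-excon (~> 1.1)
@@ -117,17 +119,17 @@ GEM
 faraday-em_synchrony (1.0.0)
 faraday-excon (1.1.0)
 faraday-httpclient (1.0.1)
-faraday-multipart (1.0.4)
-multipart-post (~> 2)
+faraday-multipart (1.1.0)
+multipart-post (~> 2.0)
 faraday-net_http (1.0.2)
 faraday-net_http_persistent (1.2.0)
 faraday-patron (1.0.0)
 faraday-rack (1.0.0)
 faraday-retry (1.0.3)
-faraday_middleware (1.2.0)
+faraday_middleware (1.2.1)
 faraday (~> 1.0)
-fastimage (2.3.1)
-fastlane (2.222.0)
+fastimage (2.4.0)
+fastlane (2.226.0)
 CFPropertyList (>= 2.3, < 4.0.0)
 addressable (>= 2.8, < 3.0.0)
 artifactory (~> 3.0)
@@ -143,6 +145,7 @@ GEM
 faraday-cookie_jar (~> 0.0.6)
 faraday_middleware (~> 1.0)
 fastimage (>= 2.1.0, < 3.0.0)
+fastlane-sirp (>= 1.0.0)
 gh_inspector (>= 1.1.2, < 2.0.0)
 google-apis-androidpublisher_v3 (~> 0.3)
 google-apis-playcustomapp_v1 (~> 0.1)
@@ -166,12 +169,14 @@ GEM
 tty-spinner (>= 0.8.0, < 1.0.0)
 word_wrap (~> 1.0.0)
 xcodeproj (>= 1.13.0, < 2.0.0)
-xcpretty (~> 0.3.0)
+xcpretty (~> 0.4.0)
 xcpretty-travis-formatter (>= 0.0.3, < 2.0.0)
 fastlane-plugin-auth0_shipper (0.4.1)
 semantic (~> 1.5)
-ffi (1.17.0-arm64-darwin)
-ffi (1.17.0-x86_64-darwin)
+fastlane-sirp (1.0.0)
+sysrandom (~> 1.0)
+ffi (1.17.1-arm64-darwin)
+ffi (1.17.1-x86_64-darwin)
 fourflusher (2.3.1)
 fuzzy_match (2.0.4)
 gh_inspector (1.1.3)
@@ -212,34 +217,34 @@ GEM
 os (>= 0.9, < 2.0)
 signet (>= 0.16, < 2.a)
 highline (2.0.3)
-http-cookie (1.0.7)
+http-cookie (1.0.8)
 domain_name (~> 0.5)
 httpclient (2.8.3)
-i18n (1.14.6)
+i18n (1.14.7)
 concurrent-ruby (~> 1.0)
 jmespath (1.6.2)
-json (2.7.2)
-jwt (2.9.0)
+json (2.9.1)
+jwt (2.10.1)
 base64
-logger (1.6.1)
+logger (1.6.5)
 mini_magick (4.13.2)
 mini_mime (1.1.5)
-minitest (5.25.1)
+minitest (5.25.4)
 molinillo (0.8.0)
 multi_json (1.15.0)
 multipart-post (2.4.1)
-nanaimo (0.3.0)
+nanaimo (0.4.0)
 nap (1.1.0)
 naturally (2.2.1)
 netrc (0.11.0)
 nkf (0.2.0)
-nokogiri (1.16.7-arm64-darwin)
+nokogiri (1.18.2-arm64-darwin)
 racc (~> 1.4)
-nokogiri (1.16.7-x86_64-darwin)
+nokogiri (1.18.2-x86_64-darwin)
 racc (~> 1.4)
-optparse (0.5.0)
+optparse (0.6.0)
 os (1.1.4)
-plist (3.7.1)
+plist (3.7.2)
 public_suffix (4.0.7)
 racc (1.8.1)
 rake (13.2.1)
@@ -248,12 +253,12 @@ GEM
 trailblazer-option (>= 0.1.1, < 0.2.0)
 uber (< 0.2.0)
 retriable (3.1.2)
-rexml (3.3.7)
-rouge (2.0.7)
+rexml (3.4.0)
+rouge (3.28.0)
 ruby-macho (2.5.1)
 ruby2_keywords (0.0.5)
-rubyzip (2.3.2)
-securerandom (0.3.1)
+rubyzip (2.4.1)
+securerandom (0.4.1)
 security (0.1.5)
 semantic (1.6.1)
 signet (0.19.0)
@@ -264,12 +269,13 @@ GEM
 simctl (1.6.10)
 CFPropertyList
 naturally
-slather (2.8.4)
+slather (2.8.5)
 CFPropertyList (>= 2.2, < 4)
 activesupport
 clamp (~> 1.3)
 nokogiri (>= 1.14.3)
-xcodeproj (~> 1.25)
+xcodeproj (~> 1.27)
+sysrandom (1.0.5)
 terminal-notifier (2.0.0)
 terminal-table (3.0.2)
 unicode-display_width (>= 1.1.1, < 3)
@@ -285,15 +291,15 @@ GEM
 uber (0.1.0)
 unicode-display_width (2.6.0)
 word_wrap (1.0.0)
-xcodeproj (1.25.0)
+xcodeproj (1.27.0)
 CFPropertyList (>= 2.3.3, < 4.0)
 atomos (~> 0.1.3)
 claide (>= 1.0.2, < 2.0)
 colored2 (~> 3.1)
-nanaimo (~> 0.3.0)
-rexml (>= 3.3.2, < 4.0)
-xcpretty (0.3.0)
-rouge (~> 2.0.7)
+nanaimo (~> 0.4.0)
+rexml (>= 3.3.6, < 4.0)
+xcpretty (0.4.0)
+rouge (~> 3.28.0)
 xcpretty-travis-formatter (1.0.1)
 xcpretty (~> 0.2, >= 0.0.7)
 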
