build(deps): bump mkdocs-material from 9.3.2 to 9.6.1 #328
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # vim: set ai expandtab sw=2 ts=2 sts=2 re=2 ft=yaml: | |
| # code: language=yaml | |
| # | |
| # SPDX-FileCopyrightText: 2023 Pablo Hörtner <[email protected]> | |
| # SPDX-License-Identifier: AGPL-3.0-or-later | |
| # | |
| # Copyright © 2023 by Pablo Hörtner <[email protected]>. All rights reserved. | |
| # You can find the AGPL v3.0 here: https://www.gnu.org/licenses/agpl-3.0 | |
| # Attribution required if you use these GitHub workflows in your project. | |
| # | |
| # This workflow uses actions that are not certified by GitHub. They are | |
| # provided by a third-party and are governed by separate terms of service, | |
| # privacy policy, and support documentation. | |
| # A workflow with support for the full Snyk platform: | |
| # - Snyk Open Source | |
| # - Snyk Code | |
| # - Snyk Container | |
| # - Snyk Infrastructure as Code | |
| # The setup installs the Snyk CLI - for more details on the possible commands | |
| # @see https://docs.snyk.io/snyk-cli/cli-reference | |
| # @see https://github.com/snyk/actions/ | |
| # The results of Snyk Code are then uploaded to GitHub Security Code Scanning | |
| # | |
| # To use the Snyk Action we need to have a Snyk API token: | |
| # @see https://github.com/snyk/actions#getting-your-snyk-token | |
| name: Snyk Security | |
| on: | |
| push: | |
| branches: ["main" ] | |
| pull_request: | |
| branches: ["main"] | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| snyk: | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| security-events: write # for github/codeql-action/upload-sarif | |
| actions: read # only required for a private repository by upload-sarif | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Snyk CLI to check for security issues | |
| # Snyk can be used to break the build when it detects security issues | |
| # In this case we want to upload SAST issues to "GitHub Code Scanning" | |
| uses: snyk/actions/setup@299cde98a08ff8b1c2bfde1e5a067bce67a6d2b8 | |
| # For Snyk Open Source we must first set up the development environment | |
| # For example for Node: | |
| #- uses: actions/setup-node@v3 | |
| # with: | |
| # node-version: 16 | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| # Run Code analysis (SAST) and upload result into GitHub | |
| # Use || true to not fail the pipeline | |
| - name: Snyk Code test | |
| run: snyk code test --sarif > snyk-code.sarif || true | |
| # Run Open Source analysis (SCA) and upload result to Snyk | |
| - name: Snyk Open Source monitor | |
| run: snyk monitor --all-projects || true | |
| # Run Infrastructure as Code (IaC) analysis & upload result to Snyk | |
| # Use || true to not fail the pipeline | |
| - name: Snyk IaC test and report | |
| run: snyk iac test --report || true | |
| # Build the docker image for testing | |
| #- name: Build a Docker image | |
| #run: docker build -t your/image-to-test . | |
| # Run Container analysis (Container & SCA) & uploads result to Snyk | |
| #- name: Snyk Container monitor | |
| #run: snyk container monitor your/image-to-test --file=Dockerfile | |
| # Push the Snyk Code results into GitHub Code Scanning tab | |
| - name: Upload result to GitHub Code Scanning | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: snyk-code.sarif |