Bump pynacl from 1.5.0 to 1.6.2 in /lib/poseidon_core #2468
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: secrets | |
| on: [push, pull_request] | |
| jobs: | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: scan | |
| run: | | |
| export DEBIAN_FRONTEND=noninteractive && \ | |
| echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections && \ | |
| sudo apt-get update && \ | |
| python3 -m pip install --upgrade pip && \ | |
| pip3 install whispers && \ | |
| mkdir /home/runner/reports/ && \ | |
| whispers --severity BLOCKER,CRITICAL -o /home/runner/reports/whispers.json -c ${GITHUB_WORKSPACE}/.github/workflows/config/whispers-config.yml ${GITHUB_WORKSPACE} && \ | |
| echo "::set-output name=found-count::$(wc -l /home/runner/reports/whispers.json | cut -d' ' -f1)" | |
| - name: Fail if found | |
| if: steps.scan.outputs.found-count != 0 | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| echo {{steps.scan.outputs.found-count}} && \ | |
| core.setFailed('Secrets found. Please check the uploaded report') | |
| - name: Upload scan reports | |
| uses: actions/[email protected] | |
| if: failure() | |
| with: | |
| name: whispers-report | |
| path: /home/runner/reports/whispers.json |