Chore/snyk testing

[Lauren TB (laurentb4)]

Testing snyk scan action

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/snyk-container-scan.yml

Package	Version	License	Issue Type
ministryofjustice/analytical-platform-airflow-github-actions/.github/workflows/shared-snyk-scan.yml	be63b313f49915001396ba92c00c14223dce0834	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
actions/ministryofjustice/analytical-platform-airflow-github-actions/.github/workflows/shared-snyk-scan.yml	be63b313f49915001396ba92c00c14223dce0834	🟢 8.9	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Packaging ⚠️ -1 packaging workflow not detected Contributors 🟢 3 project has 1 contributing companies or organizations -- score normalized to 3 CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10

Scanned Files

• .github/workflows/snyk-container-scan.yml

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
DOCKERFILE_HADOLINT	Pass ✅
EDITORCONFIG	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
JSON	Pass ✅
JSON_PRETTIER	Pass ✅
MARKDOWN	Pass ✅
MARKDOWN_PRETTIER	Pass ✅
NATURAL_LANGUAGE	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

[github-actions]

Container scan has passed.

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
DOCKERFILE_HADOLINT	Pass ✅
EDITORCONFIG	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
JSON	Pass ✅
JSON_PRETTIER	Pass ✅
MARKDOWN	Pass ✅
MARKDOWN_PRETTIER	Pass ✅
NATURAL_LANGUAGE	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

[github-actions]

Container scan has passed.

[github-advanced-security]

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

• The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
• Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
• You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.