Skip to content

Merge pull request #1008 from valory-xyz/offchain-epic #107

Merge pull request #1008 from valory-xyz/offchain-epic

Merge pull request #1008 from valory-xyz/offchain-epic #107

Workflow file for this run

name: Snyk Security
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
snyk:
continue-on-error: True
permissions:
contents: read
security-events: write
actions: read
runs-on: ubuntu-24.04
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
steps:
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v6
- name: Export requirements for Snyk
run: uv export --format requirements-txt --no-hashes --no-editable --no-emit-project > requirements.txt
- name: Set up Snyk CLI to check for security issues
uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
- name: Snyk Code test
run: snyk code test --sarif > snyk-code.sarif
continue-on-error: true
- name: Snyk Open Source monitor
run: snyk monitor --file=requirements.txt --package-manager=pip --skip-unresolved
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk-code.sarif