updated indore block to 44934656 for mainnet (#916) #6

Workflow file for this run

.github/workflows/security-ci.yml at d71c00d

	name: Security CI
	on: [ push, pull_request ]

	jobs:
	snyk:
	name: Snyk and Publish
	runs-on: ubuntu-latest
	steps:
	- name: Checkout Source
	uses: actions/checkout@master
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/golang@master
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	GOFLAGS: "-buildvcs=false"
	with:
	args: --org=${{ secrets.SNYK_ORG }} --severity-threshold=medium --sarif-file-output=snyk.sarif
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v2
	continue-on-error: true
	with:
	sarif_file: snyk.sarif

	snyk-code:
	name: Snyk Code and Publish
	runs-on: ubuntu-latest
	continue-on-error: true
	steps:
	- name: Checkout Source
	uses: actions/checkout@master
	- name: Run Snyk SAST to check for code vulnerabilities
	uses: snyk/actions/golang@master
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: --org=${{ secrets.SNYK_ORG }} --sarif-file-output=snyk.sarif
	command: code test
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v2
	continue-on-error: true
	with:
	sarif_file: snyk.sarif

	govuln:
	name: Run govuln check and Publish
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	- name: Running govulncheck
	uses: Templum/govulncheck-action@v0.10.1
	continue-on-error: true
	env:
	DEBUG: "true"
	with:
	go-version: 1.19
	vulncheck-version: latest
	package: ./...
	github-token: ${{ secrets.GITHUB_TOKEN }}
	fail-on-vuln: true

	- name: Upload govulncheck report
	uses: actions/upload-artifact@v3
	with:
	name: raw-report
	path: raw-report.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

updated indore block to 44934656 for mainnet (#916) #6

Workflow file

updated indore block to 44934656 for mainnet (#916) #6

Jobs

Run details

Workflow file for this run