Skip to content

fix(Source-to-Sink): handle empty token list in PPI find method #53

fix(Source-to-Sink): handle empty token list in PPI find method

fix(Source-to-Sink): handle empty token list in PPI find method #53

Workflow file for this run

name: Security Gate
on:
pull_request:
branches:
- main
- develop
jobs:
gate:
runs-on: ubuntu-latest
env:
MAX_CRITICAL: 0
MAX_HIGH: 0
MAX_MEDIUM: 0
MAX_LOW: 0
GITHUB_TOKEN: ${{ secrets.TOKEN }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Pull Docker image from GitHub Container Registry
run: docker pull ghcr.io/instriq/security-gate/security-gate:latest
- name: Verify security alerts from dependabot
run: |
docker run ghcr.io/instriq/security-gate/security-gate:latest \
-t $GITHUB_TOKEN \
-r ${{ github.repository }} \
--critical $MAX_CRITICAL \
--high $MAX_HIGH \
--medium $MAX_MEDIUM \
--low $MAX_LOW