Skip to content

[Snyk] Security upgrade python from 3.7-alpine to 3.14.0a1-alpine #25

[Snyk] Security upgrade python from 3.7-alpine to 3.14.0a1-alpine

[Snyk] Security upgrade python from 3.7-alpine to 3.14.0a1-alpine #25

Workflow file for this run

---
# This workflow integrates qwiet.ai preZero with GitHub
# Visit https://docs.shiftleft.io for help
name: qwiet.ai
on:
pull_request:
workflow_dispatch:
jobs:
NextGen-Static-Analysis:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup Java JDK v8
uses: actions/setup-java@v3
with:
distribution: zulu
java-version: 8
- name: Download ShiftLeft CLI
run: |
curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
- name: preZero Static Analysis
run: |
${GITHUB_WORKSPACE}/sl --version
${GITHUB_WORKSPACE}/sl analyze --strict --wait \
--app Damn-Vulnerable-GraphQL-Application \
--tag branch=${{ github.head_ref }} \
--js --container 18fgsa/s3-resource .
env:
SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
SHIFTLEFT_API_HOST: www.shiftleft.io
SHIFTLEFT_GRPC_TELEMETRY_HOST: telemetry.shiftleft.io:443
SHIFTLEFT_GRPC_API_HOST: api.shiftleft.io:443
# Build-Rules:
# runs-on: ubuntu-latest
# permissions: write-all
# needs: NextGen-Static-Analysis
# steps:
# - uses: actions/checkout@v3
# - name: Download ShiftLeft CLI
# run: |
# curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
# - name: Validate Build Rules
# run: |
# ${GITHUB_WORKSPACE}/sl check-analysis --app Damn-Vulnerable-GraphQL-Application \
# --github-pr-number=${{github.event.number}} \
# --github-pr-user=${{ github.repository_owner }} \
# --github-pr-repo=${{ github.event.repository.name }} \
# --github-token=${{ secrets.GITHUB_TOKEN }}
# env:
# # SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
#
# SHIFTLEFT_API_HOST: www.shiftleft.io
# SHIFTLEFT_GRPC_TELEMETRY_HOST: telemetry.shiftleft.io:443
# SHIFTLEFT_GRPC_API_HOST: api.shiftleft.io:443
#