Merge pull request #627 from sir-gon/renovate/aquasecurity-trivy-acti… #533

	---

	name: Snyk Code analysis

	on: # yamllint disable-line rule:truthy
	pull_request:
	push:
	branches:
	- '**' # matches every branch
	- '!dependabot/**' # excludes master
	workflow_dispatch:

	jobs:
	security:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@master
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/python@master
	continue-on-error: true # To make sure that SARIF upload gets called
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: >
	--print-deps
	--file=requirements.txt
	--command=python3
	--sarif-file-output=snyk-code.sarif
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'snyk-code.sarif'

Provide feedback