Skip to content

Commit

Permalink
Updating the Python Snyk Action README with dependency information
Browse files Browse the repository at this point in the history
  • Loading branch information
@akanchhaS @bastiandoetsch
akanchhaS authored and bastiandoetsch committed Aug 30, 2022
1 parent f17622b commit e0bb943
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 0 deletions.
8 changes: 8 additions & 0 deletions python-3.6/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@
A [GitHub Action](https://github.com/features/actions) for using [Snyk](https://snyk.co/SnykGH) to check for
vulnerabilities in your Python-3.6 projects. This Action is based on the [Snyk CLI][cli-gh] and you can use [all of its options and capabilities][cli-ref] with the `args`.

> Note: The examples shared below reflect how Snyk github actions can be used. Snyk requires Python to have downloaded the dependencies before running or triggering the Snyk checks.
> The Python image checks and installs deps only if the manifest files are present in the current path (from where action is being triggered)
> 1. If pip is present on the current path , and Snyk finds a requirements.txt file, then Snyk runs pip install -r requirements.txt.
> 2. If pipenv is present on the current path, and Snyk finds a Pipfile without a Pipfile.lock, then Snyk runs pipenv update
> 3. If pyproject.toml is present in the current path and Snyk does not find poetry.lock then Snyk runs pip install poetry
>
> If manifest files are present under any location other root then they MUST be installed prior to running Snyk.
You can use the Action as follows:

```yaml
Expand Down
8 changes: 8 additions & 0 deletions python-3.7/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@
A [GitHub Action](https://github.com/features/actions) for using [Snyk](https://snyk.co/SnykGH) to check for
vulnerabilities in your Python-3.7 projects. This Action is based on the [Snyk CLI][cli-gh] and you can use [all of its options and capabilities][cli-ref] with the `args`.

> Note: The examples shared below reflect how Snyk github actions can be used. Snyk requires Python to have downloaded the dependencies before running or triggering the Snyk checks.
> The Python image checks and installs deps only if the manifest files are present in the current path (from where action is being triggered)
> 1. If pip is present on the current path , and Snyk finds a requirements.txt file, then Snyk runs pip install -r requirements.txt.
> 2. If pipenv is present on the current path, and Snyk finds a Pipfile without a Pipfile.lock, then Snyk runs pipenv update
> 3. If pyproject.toml is present in the current path and Snyk does not find poetry.lock then Snyk runs pip install poetry
>
> If manifest files are present under any location other root then they MUST be installed prior to running Snyk.
You can use the Action as follows:

```yaml
Expand Down
8 changes: 8 additions & 0 deletions python-3.8/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@
A [GitHub Action](https://github.com/features/actions) for using [Snyk](https://snyk.co/SnykGH) to check for
vulnerabilities in your Python-3.8 projects. This Action is based on the [Snyk CLI][cli-gh] and you can use [all of its options and capabilities][cli-ref] with the `args`.

> Note: The examples shared below reflect how Snyk github actions can be used. Snyk requires Python to have downloaded the dependencies before running or triggering the Snyk checks.
> The Python image checks and installs deps only if the manifest files are present in the current path (from where action is being triggered)
> 1. If pip is present on the current path , and Snyk finds a requirements.txt file, then Snyk runs pip install -r requirements.txt.
> 2. If pipenv is present on the current path, and Snyk finds a Pipfile without a Pipfile.lock, then Snyk runs pipenv update
> 3. If pyproject.toml is present in the current path and Snyk does not find poetry.lock then Snyk runs pip install poetry
>
> If manifest files are present under any location other root then they MUST be installed prior to running Snyk.
You can use the Action as follows:

```yaml
Expand Down
9 changes: 9 additions & 0 deletions python/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,15 @@
A [GitHub Action](https://github.com/features/actions) for using [Snyk](https://snyk.co/SnykGH) to check for
vulnerabilities in your Python projects. This Action is based on the [Snyk CLI][cli-gh] and you can use [all of its options and capabilities][cli-ref] with the `args`.

> Note: The examples shared below reflect how Snyk github actions can be used. Snyk requires Python to have downloaded the dependencies before running or triggering the Snyk checks.
> The Python image checks and installs deps only if the manifest files are present in the current path (from where action is being triggered)
> 1. If pip is present on the current path , and Snyk finds a requirements.txt file, then Snyk runs pip install -r requirements.txt.
> 2. If pipenv is present on the current path, and Snyk finds a Pipfile without a Pipfile.lock, then Snyk runs pipenv update
> 3. If pyproject.toml is present in the current path and Snyk does not find poetry.lock then Snyk runs pip install poetry
>
> If manifest files are present under any location other root then they MUST be installed prior to running Snyk.

You can use the Action as follows:

```yaml
Expand Down

0 comments on commit e0bb943

Please sign in to comment.