-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build: Snyk test/monitor for web3-react + exclude workspace unmet deps (
#835) * Snyk test/monitor for web3-react + exclude workspace unmet deps * freeze lockfile and checkout * Update .github/workflows/CI.yml Co-authored-by: Zach Pomerantz <zzmp@uniswap.org> * Update .github/workflows/snyk_sca_scan.yml Co-authored-by: Zach Pomerantz <zzmp@uniswap.org> * Update .github/workflows/snyk_sca_scan.yml Co-authored-by: Zach Pomerantz <zzmp@uniswap.org> * Update .github/workflows/snyk_sca_scan.yml Co-authored-by: Zach Pomerantz <zzmp@uniswap.org> * Update .github/workflows/snyk_sca_scan.yml Co-authored-by: Zach Pomerantz <zzmp@uniswap.org> * build: upgrade lerna to 5.6.2 * build: rm unused eth-provider --------- Co-authored-by: pwnslinger <mohsen.ahmadi@uniswap.org> Co-authored-by: Zach Pomerantz <zzmp@uniswap.org>
- Loading branch information
3 people
authored
Jul 6, 2023
1 parent
937a6dd
commit 2aae4f1
Showing
5 changed files
with
1,913 additions
and
1,547 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| name: Snyk Code Security | ||
|
|
||
| on: | ||
| pull_request: | ||
| branches: | ||
| - '**' | ||
| push: | ||
| branches: | ||
| - main | ||
| paths-ignore: | ||
| - '**/*.md' | ||
|
|
||
| jobs: | ||
| open-source: | ||
| name: '🔒 Open Source Scan' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Run Snyk test to check for known vulnerabilities in software supply chain | ||
| uses: snyk/actions/node@0e928f3e9ae859e2b95ac2b89af55d7b6434244d | ||
| env: | ||
| SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }} | ||
| with: | ||
| command: test | ||
| # include devDependencies to deps list for Snyk dep-graph | ||
| args: --dev --severity-threshold=medium | ||
|
|
||
| - name: Run Snyk monitor to upload the latest snapshot | ||
| uses: snyk/actions/node@0e928f3e9ae859e2b95ac2b89af55d7b6434244d | ||
| env: | ||
| SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }} | ||
| with: | ||
| command: monitor | ||
| # include devDependencies to deps list for Snyk dep-graph | ||
| args: --dev --severity-threshold=medium |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. | ||
| version: v1.25.0 | ||
| ignore: {} | ||
| patch: {} | ||
| exclude: | ||
| global: | ||
| - packages/** | ||
| - examples/** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
2aae4f1There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Successfully deployed to the following URLs:
web3-react – ./
web3-react-mu.vercel.app
web3-react-git-main-uniswap.vercel.app
web3-react-uniswap.vercel.app