Conversation
🎉 Snyk checks have passed. No issues have been found so far.✅ code/snyk check is complete. No issues have been found. (View Details) |
|
Same as #174 (review) |
|
@dotkas Done. Please review. |
| > Note: The examples shared below reflect how Snyk github actions can be used. Snyk requires Python to have downloaded the dependencies before running or triggering the Snyk checks. | ||
| > The Python image checks and installs deps only if the manifest files are present in the current path (from where action is being triggered) | ||
| > 1. If pip is present on the current path , and Snyk finds a requirements.txt file, then Snyk runs pip install -r requirements.txt. | ||
| > 2. If pipenv is present on the current path, and Snyk finds a Pipfile without a Pipfile.lock, then Snyk runs pipenv update | ||
| > 3. If pyproject.toml is present in the current path and Snyk does not find poetry.lock then Snyk runs pip install poetry | ||
| > | ||
| > If manifest files are present under any location other root then they MUST be installed prior to running Snyk. |
There was a problem hiding this comment.
I think this will get overwritten by the generation script? Is that OK for you?
There was a problem hiding this comment.
If not we need to extend the build.rb to somehow understand additional comments.
There was a problem hiding this comment.
I guess I was wrong about this, seems they were generated and then manually edited. 🤔
There was a problem hiding this comment.
I am not sure about this particular place TBH. But if you guide me on what exactly should I do to make README.md correct, I can do it.
There was a problem hiding this comment.
I'm making some changes to the way we generate these actions in order to increase maintainability. This will most likely cause some annoying conflicts in your PRs, so I will (probably tomorrow) just raise a PR to include your changes so you don't have to worry about it.
|
Replaced by #190 |
2 participants
Description
Adding
python-3.12GitHub Action.