Closed ryan-wren closed 11 months ago
For testing purposes, I would switch the condition around the branch, to run a snyk monitor, and then go here: https://app.snyk.io/org/circleci-public/projects?groupBy=targets&searchQuery=circleci-cli&sortBy=highest+severity&filters%5BShow%5D=&filters%5BIntegrations%5D=&before&after and delete the newly created projects.
This way you can test it without merging to main.
Messed up during git rebase 🤦🏾‍♂️. I'll open a new PR with these changes.
Closing this PR in favor of https://github.com/CircleCI-Public/circleci-cli/pull/978
Changes
=======
Adds a `vulnerability-scan` job to the CircleCI config, to run Snyk scans.

Rationale
=========
The Snyk scans should only create a snapshot during CI when the changes are on the `main` branch.
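The branch gate described under Rationale, written out as the body of a CircleCI `run` step: `snyk test` runs on every branch, while `snyk monitor` (the command that creates the project snapshot in the Snyk UI) runs only when the build is on `main`. This is an added example, not the PR's own config or the Snyk orb; `MONITOR_BRANCH`, `should_monitor` and `run_scan` are hypothetical names, and `MONITOR_BRANCH` exists so the gate can be exercised on a feature branch without editing the condition and later deleting stray projects, as the comment above suggests.

```shell
#!/bin/sh
# Hypothetical step body for a "vulnerability-scan" job.
# CircleCI exports CIRCLE_BRANCH; it is empty on tag builds, which must
# therefore never create a snapshot.
MONITOR_BRANCH="${MONITOR_BRANCH:-main}"

# Returns 0 (true) only when a snapshot should be taken for this branch.
should_monitor() {
  branch="$1"
  [ -n "$branch" ] && [ "$branch" = "$MONITOR_BRANCH" ]
}

# $1: branch under test (pass "$CIRCLE_BRANCH" in CI).
# $2: command used to invoke snyk; defaults to "snyk", can be replaced
#     with "echo" to dry-run the gating logic without the Snyk CLI.
run_scan() {
  branch="$1"
  snyk_cmd="${2:-snyk}"

  # Fail the job on findings for every branch, not just main.
  $snyk_cmd test || return 1

  if should_monitor "$branch"; then
    # Only here does a new project/snapshot appear in app.snyk.io.
    $snyk_cmd monitor
  else
    echo "skipping snyk monitor: branch '${branch:-<unset>}' is not '$MONITOR_BRANCH'" >&2
  fi
}

# In the CircleCI step: run_scan "$CIRCLE_BRANCH"
```

Running `run_scan "$CIRCLE_BRANCH" echo` on a branch prints `test` alone, while on `main` it prints `test` followed by `monitor`.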