Skip to content

Merge pull request #336 from newrelic/release/v1.5.0 #108

Merge pull request #336 from newrelic/release/v1.5.0

Merge pull request #336 from newrelic/release/v1.5.0 #108

name: Snyk Vulnerability Scan
on:
workflow_dispatch:
schedule:
- cron: '00 15 * * 1'
push:
branches:
- main
jobs:
security:
runs-on: ubuntu-latest
steps:
- name: Checkout Java Agent
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # pin@v4
with:
ref: 'main'
- name: Set gradle.properties Workaround
shell: bash
run: |
echo "jdk8=/tmp" >> gradle.properties
echo "jdk11=/tmp" >> gradle.properties
echo "jdk17=/tmp" >> gradle.properties
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/gradle-jdk11@8349f9043a8b7f0f3ee8885bf28f0b388d2446e8 # pin@master
env:
SNYK_TOKEN: ${{ secrets.JAVA_AGENT_SNYK_TOKEN }}
with:
command: monitor
args: --all-sub-projects --org=java-agent --configuration-matching='(includeInJar)|(shadowIntoJar)'