Delete Snyk workflow - replaced by submitting sbt dependencies to GitHub · guardian/play-secret-rotation@41db323

Commit

Delete Snyk workflow - replaced by submitting sbt dependencies to GitHub

Further to #475, we are now removing Snyk from this project, so we can rely on one source of truth for dependency-vulnerability information.

In this repo, we would find GitHub's dependency-vulnerability information at:

https://github.com/guardian/play-secret-rotation/security/dependabot

This does seem to miss some information that we could find in a Snyk report - ie the dependency-path that introduces the dependency. For instance this Snyk issue provides "Detailed paths \ Introduced through" information:

https://app.snyk.io/org/scala-guild/project/10018236-f7b7-416e-99d4-196d1c2f3d23

Loading branch information

rtyley authored Oct 24, 2024

1 parent 3d01a2d commit 41db323

.github/workflows/snyk.yml

This file was deleted.

0 comments on commit `41db323`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `41db323`

Commit

There are no files selected for viewing

0 comments on commit 41db323

0 comments on commit `41db323`