dependabot[bot]
5abca0cfbc
Bump snyk/actions ( #2078 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 9213221444c2dc9e8b2502c1e857c26d851e84a7 to cdb760004ba9ea4d525f2e043745dfe85bb9077e.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](9213221444...cdb760004b
2024-09-10 10:47:19 -04:00
dependabot[bot]
70ff917c64
Bump snyk/actions ( #2064 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from ae9442546152ba9bb0a1c85e2672112c97e7a06d to 9213221444c2dc9e8b2502c1e857c26d851e84a7.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](ae94425461...9213221444
2024-08-27 14:43:38 +00:00
dependabot[bot]
b091b18f31
Bump snyk/actions ( #2043 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 6312a53377a551c0258438bf25fb8f378afbc977 to ae9442546152ba9bb0a1c85e2672112c97e7a06d.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](6312a53377...ae94425461
2024-08-22 14:17:49 -04:00
dependabot[bot]
10cb027ee6
Bump snyk/actions ( #1999 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 640e31719aac3e44867d239dc86c20c3e34c8e4f to 6312a53377a551c0258438bf25fb8f378afbc977.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](640e31719a...6312a53377
2024-07-26 14:50:42 +00:00
dependabot[bot]
6b9a25eb52
Bump snyk/actions ( #1913 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from dad21f44fadb6fbcd8d89d8b602d6ac761fe4c86 to 640e31719aac3e44867d239dc86c20c3e34c8e4f.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](dad21f44fa...640e31719a
2024-07-12 15:01:57 +00:00
dependabot[bot]
822940b512
Bump snyk/actions ( #1893 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from a1346e4eaf761d462da22c34c681dc06849b6851 to dad21f44fadb6fbcd8d89d8b602d6ac761fe4c86.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](a1346e4eaf...dad21f44fa
2024-07-09 14:37:06 +00:00
dependabot[bot]
38997656d3
Bump snyk/actions ( #1817 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from cf77efc3812bb036b3719dca4cecc3930db0b527 to a1346e4eaf761d462da22c34c681dc06849b6851.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](cf77efc381...a1346e4eaf
2024-06-25 13:15:38 -07:00
dependabot[bot]
977cb79132
Bump snyk/actions ( #1790 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from d406fd286b663eb8c6f8adcced4f7bcd199c0a3f to cf77efc3812bb036b3719dca4cecc3930db0b527.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](d406fd286b...cf77efc381
2024-06-21 14:56:37 +00:00
dependabot[bot]
d7b42fae7b
--- ( #1580 )
...
updated-dependencies:
- dependency-name: snyk/actions
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-21 15:42:12 +00:00
Kevin Burnett
d7bd03bb69
simplify build with pip and poetry in one step and no pipx ( #1323 )
...
* simplify build with pip and poetry in one step and no pipx
* upgrade setuptools
* just in case
* debug w/ burnettk
* print pwd and ls whenever we call constraints w/ burnettk
* update safety and setuptools to fix ci errors w/ burnettk
---------
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2024-04-03 11:40:50 -04:00
dependabot[bot]
ca9a7d9224
Bump snyk/actions ( #1178 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 1d672a455ab3339ef0a0021e1ec809165ee12fad to 8349f9043a8b7f0f3ee8885bf28f0b388d2446e8.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](1d672a455a...8349f9043a
2024-03-07 14:38:33 +00:00
dependabot[bot]
97ad27420f
Bump snyk/actions ( #1034 )
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 806182742461562b67788a64410098c9d9b96adb to 1d672a455ab3339ef0a0021e1ec809165ee12fad.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](8061827424...1d672a455a
2024-02-14 14:37:36 +00:00
dependabot[bot]
73f7ab8ff4
Bump actions/checkout from 3 to 4 ( #1019 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 15:15:20 +00:00
dependabot[bot]
c36ed57996
Bump actions/setup-node from 3 to 4 ( #981 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 15:11:25 +00:00
dependabot[bot]
9a9df0a6ef
Bump github/codeql-action from 2 to 3 ( #970 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-06 07:06:57 -08:00
Kevin Burnett
b02f505bea
move snyk stuff to snyk file ( #895 )
...
Co-authored-by: burnettk <burnettk@users.noreply.github.com>
2024-01-11 06:14:25 -08:00
jasquat
016eafa35d
Feature/debug snyk ( #660 )
...
* try to debug snyk issue
* try to correct debug env var
* put the debug var in the correct area
* updated autoprefixer to make snyk happy
* put the rest of the ci items back
* run snyk on a schedule w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-11-10 14:13:28 -05:00
jasquat
fe4dc14b8d
Feature/docker CVE issues ( #558 )
...
* updated Dockerfile to try to remove security vulnerabilities w/ burnettk
* we require curl for health checks w/ burnettk
* try to scan docker image in ci
* use Dockerfile from backend w/ burnettk
* continue-on-error w/ burnettk
* attempt to elevate permissions of snyk w/ burnettk
* added snyk security github workflow w/ burnettk
* fixed location of constraints w/ burnettk
* add in or true for snyk tests w/ burnettk
* sent the snyk token w/ burnettk
* specify the directory for the sarif file w/ burnettk
* updated spiffworkflow-connector-command for snyk issue w/ burnettk
* updated sql statements sanitize input
* ignore issues for debug_controller and check frontend with snyk w/ burnettk
* updated babel and electron for snyk w/ burnettk
* some more updates to fix vulnerabilities w/ burnettk
* prune repeated deps for frontend builds since
* uncomment ci code so it runs again and use node for frontend base image w/ burnettk
* fixed backend image name w/ burnettk
* pyl w/ burnettk
---------
Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-10-19 14:22:52 -04:00
