diff --git a/.github/workflows/scheduled-snyk-docker.yaml b/.github/workflows/scheduled-snyk-docker.yaml index b4afc9b5..e2a80181 100644 --- a/.github/workflows/scheduled-snyk-docker.yaml +++ b/.github/workflows/scheduled-snyk-docker.yaml @@ -64,7 +64,7 @@ jobs: --policy-path=.snyk --exclude-app-vulns --org=radar-base - --sarif-file-output=${{ matrix.image.name }}.sarif + --sarif-file-output=snyk.sarif # Detected vulnerabilities will appear on Github in Security->Code_scanning_alerts tab - name: Upload result to GitHub Code Scanning diff --git a/.github/workflows/scheduled-snyk.yaml b/.github/workflows/scheduled-snyk.yaml index c7da42d3..152344db 100644 --- a/.github/workflows/scheduled-snyk.yaml +++ b/.github/workflows/scheduled-snyk.yaml @@ -3,6 +3,7 @@ name: Snyk scheduled code base scan on: schedule: - cron: '0 2 * * 1' + workflow_dispatch: env: MODULES: >- @@ -19,7 +20,6 @@ env: 'name': 'oura-library', 'build_file': 'oura-library/build.gradle', }] - workflow_dispatch: jobs: prepare-matrix: @@ -57,11 +57,11 @@ jobs: --severity-threshold=high --policy-path=.snyk --org=radar-base - --sarif-file-output=${{ matrix.module.module }}.sarif + --sarif-file-output=snyk.sarif # Detected vulnerabilities will appear on Github in Security->Code_scanning_alerts tab - name: Upload result to GitHub Code Scanning uses: github/codeql-action/upload-sarif@v3 with: - sarif_file: ${{ matrix.module.module }}.sarif + sarif_file: snyk.sarif category: ${{ matrix.module.module }} diff --git a/buildSrc/src/main/kotlin/Versions.kt b/buildSrc/src/main/kotlin/Versions.kt index 807800e7..f3635638 100644 --- a/buildSrc/src/main/kotlin/Versions.kt +++ b/buildSrc/src/main/kotlin/Versions.kt @@ -1,6 +1,6 @@ @Suppress("ConstPropertyName", "MemberVisibilityCanBePrivate") object Versions { - const val project = "0.7.1" + const val project = "0.7.3-SNAPSHOT" const val java = 17 const val kotlin = "1.9.22"