Skip to content

added back workshop sample iOS PawsKey app #15

added back workshop sample iOS PawsKey app

added back workshop sample iOS PawsKey app #15

name: Yubico Security - Static Analysis
on:
push:
branches: [ main ]
jobs:
static_analysis:

Check failure on line 8 in .github/workflows/yubico_security-static_analysis.yml

View workflow run for this annotation

GitHub Actions / Yubico Security - Static Analysis

Invalid workflow file

The workflow is not valid. .github/workflows/yubico_security-static_analysis.yml (Line: 8, Col: 5): Error calling workflow 'Yubico/.github/.github/workflows/yubico_security-static_analysis.yml@main'. The nested job 'snyk' is requesting 'actions: read, security-events: write', but is only allowed 'actions: none, security-events: none'.
name: "Yubico Security - Static Analysis"
uses: Yubico/.github/.github/workflows/yubico_security-static_analysis.yml@main
with:
snyk-enabled: true
# Not all langauges need to be specified. Currently, this only has an affect if you use Go
# The rest of the langauges supported by Snyk have tooling installed on the action runner by defualt (or no one at Yubico uses them)
# Reference the source workflow and/or
snyk-languages: '["javascript", "java"]' # Not including Swift since that requires the use of cocoapods or Swift Package Manager
# This assumes that you have a repository variable with the Snyk org id/slug
# Reference: https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows
snyk-org-id-or-slug: ${{ vars.SNYK_ORG_ID }}
secrets:
# This assumes that you have a repository secret set with the token
# Reference: https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository
snyk-token: ${{ secrets.SNYK_TOKEN }}