Update SQLInjectionExample.java #87
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Mobb/Snyk Fixer on pull requests | |
# This workflow defines the needed steps to run Snyk Code on every pull request and pass the results to Mobb Fixer. | |
# | |
# Secrets in use (add your missing ones): | |
# SNYK_API_TOKEN - your Snyk user credentials (find how to get it here: https://docs.snyk.io/getting-started/how-to-obtain-and-authenticate-with-your-snyk-api-token) | |
# MOBB_API_TOKEN - your mobb user credentials (autumatially set if you forked this repo via the Mobb app) | |
# GITHUB_TOKEN - automatically set by GitHub | |
name: "Mobb/Snyk" | |
on: | |
pull_request: | |
branches: ["*"] | |
jobs: | |
scan-and-fix: | |
name: Scan with Snyk and fix with Mobb | |
runs-on: 'ubuntu-latest' | |
timeout-minutes: 360 | |
permissions: | |
pull-requests: write | |
statuses: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Run Snyk SAST scan | |
run: | |
npx snyk auth ${{ secrets.SNYK_API_TOKEN }} && npx snyk code test --sarif-file-output=/home/runner/report.json ./ | |
shell: bash -l {0} | |
- name: Archive report | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: sast-report | |
path: /home/runner/report.json | |
- name: Run Mobb on the findings and get fixes | |
if: always() | |
uses: mobb-dev/action/[email protected] | |
with: | |
report-file: "/home/runner/report.json" | |
api-key: ${{ secrets.MOBB_API_TOKEN }} | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
scanner: snyk |