From f355dbe52662929d91d1966d36f24a5c9ef0c5b9 Mon Sep 17 00:00:00 2001 From: Murilo Dal Ri Date: Thu, 16 May 2024 10:09:36 +0100 Subject: [PATCH] Remove Snyk job from workflow We've decided to stop using Snyk for the reasons described [here](https://docs.google.com/document/d/1elh1hQoxcE-oMcHEPH3NuipFw0vkDe_T3wWmzqXRCoA/edit#heading=h.nwe71munrcvd). This PR will be reviewed and merged by the Platform Security and Reliability team. Any questions or concerns, please reach out in our channel: #govuk-platform-security-reliability-team. [Trello card](https://trello.com/c/z36ZcRzL/3532-remove-snyk-jobs-from-all-ci-pipelines-3) --- .github/workflows/ci.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b87eef..39c6a1c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,15 +11,6 @@ on: pull_request: jobs: - snyk-security: - name: SNYK security analysis - uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main - secrets: inherit - permissions: - contents: read - security-events: write - actions: read - codeql-sast: name: CodeQL SAST scan uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main