footnotes/.github/workflows/snyk.yml

name: Snyk 

on: pull_request

jobs:
  security:
    name: Scan for vulnerabilities
    runs-on: ubuntu-latest
    
    steps:
      - name: Checkout code
        uses: actions/checkout@master
        
      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/php@master
        continue-on-error: true # To make sure that SARIF upload gets called
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          args: --all-projects --sarif-file-output=snyk.sarif
      - name: Upload result to GitHub Code Scanning
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: snyk.sarif
activate specific push action 2021-04-20 02:07:08 +00:00			`name: Snyk`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00
update snyk scan frequency (#166) 2021-05-02 05:39:17 +00:00			`on: pull_request`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00
activate specific push action 2021-04-20 02:07:08 +00:00			`jobs:`
			`security:`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00			`name: Scan for vulnerabilities`
activate specific push action 2021-04-20 02:07:08 +00:00			`runs-on: ubuntu-latest`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00
activate specific push action 2021-04-20 02:07:08 +00:00			`steps:`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00			`- name: Checkout code`
			`uses: actions/checkout@master`

			`- name: Run Snyk to check for vulnerabilities`
			`uses: snyk/actions/php@master`
update snyk action to update vulnerabilities on GH 2021-05-01 07:23:20 +00:00			`continue-on-error: true # To make sure that SARIF upload gets called`
ci: improve linting, GitHub Actions workflows (#149) * release: release 2.7.2 * fix: urgent 2.7.3 release to fix fatal error * chore: remove un-needed setup script * ci: remove steps from pre-push command * chore: remove un-needed PHP-Commitizen config * chore: put image files in correct folders * chore: move GitHub image into `.github/` dir * fix: classic editor button * fix: call correct jQuery Tools file in dev env * docs: replace license with Markdown version * ci: clean up PHP linting commands If anyone has noticed me playing musical filepaths with these commands for a while, it's because I kept getting inconsistent results from the use of double-globs (i.e., `*`). However, I've finally figured out that this is because Composer is running these scripts in its own shell, so the double-glob that works when I run the command manually in my Terminal doesn't work when Composer runs it in its. chore: lint PHP files * build: update JS linting standards * chore: lint JS file * build: add node-sass * build: add additional stylelint rules * chore: lint stylesheets with new rulesets * refactor: move ESLint settings to `package.json` * chore: move Prettier config to `package.json` It is not yet possible to move `.prettierignore` to `package.json` too, but this appears to be on the horizon; see [this Issue][prettier-issue]. [prettier-issue]: https://github.com/prettier/prettier/issues/3460 * fix: move WPML config into Plugin folder * chore: move Stylelint config into `package.json` * chore: remove unused `.distignore` It can always be re-added at a later date if it becomes useful. * chore: format file * build: add HTML linting * fix: add image alt tag * ci: clean up GitHub Actions workflows * fix: fix workflow * fix: fix indentation * ci: add YAML validation * chore: make valid * ci: add YAML validation * chore: lint code * ci: change dep install back to original * chore: lint license 2021-04-26 16:17:44 +00:00			`env:`
			`SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}`
			`with:`
update snyk action to update vulnerabilities on GH 2021-05-01 07:23:20 +00:00			`args: --all-projects --sarif-file-output=snyk.sarif`
			`- name: Upload result to GitHub Code Scanning`
			`uses: github/codeql-action/upload-sarif@v1`
			`with:`
			`sarif_file: snyk.sarif`