From 49af2dd8649119f284c5fb649affb2718b7ec6e1 Mon Sep 17 00:00:00 2001 From: Murilo Dal Ri Date: Thu, 16 May 2024 10:45:31 +0100 Subject: [PATCH] Remove Snyk job from workflow We've decided to stop using Snyk for the reasons described [here](https://docs.google.com/document/d/1elh1hQoxcE-oMcHEPH3NuipFw0vkDe_T3wWmzqXRCoA/edit#heading=h.nwe71munrcvd). This PR will be reviewed and merged by the Platform Security and Reliability team. Any questions or concerns, please reach out in our channel: #govuk-platform-security-reliability-team. [Trello card](https://trello.com/c/z36ZcRzL/3532-remove-snyk-jobs-from-all-ci-pipelines-3) --- .github/workflows/ci.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e008394..193623c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,17 +11,6 @@ on: type: string jobs: - snyk-security: - name: SNYK security analysis - uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main - with: - skip_sca: true - secrets: inherit - permissions: - contents: read - security-events: write - actions: read - codeql-sast: name: CodeQL SAST scan uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main