OWASP · forgedhallpass · Oct 16, 2024 · Oct 16, 2024 · Oct 16, 2024 · Oct 16, 2024
diff --git a/.github/workflows/snyk.yaml b/.github/workflows/snyk.yaml
@@ -12,7 +12,13 @@ jobs:
 
  - name: Run Snyk to check for vulnerabilities
  uses: snyk/actions/maven@master
+ continue-on-error: true
  env:
  SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
  with:
- command: test --package-manager=maven --file=pom.xml --severity-threshold=medium
+ command: test --package-manager=maven --file=pom.xml --severity-threshold=medium --maven-aggregate-project --sarif-file-output=snyk.sarif
+
+ - name: Upload result to GitHub Code Scanning
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: snyk.sarif
diff --git a/pom.xml b/pom.xml
@@ -141,7 +141,7 @@
 
  <junit.version>5.11.2</junit.version>
  <mockito.version>4.11.0</mockito.version>
- <logback.version>1.3.5</logback.version> <!--versions starting from 1.4.x were compiled with Java 11-->
+ <logback.version>1.5.11</logback.version> <!--versions starting from 1.4.x were compiled with Java 11-->
 
  <dependency-check-maven.version>10.0.4</dependency-check-maven.version>
  </properties>