Vulnerability Scan #53

Workflow file for this run

.github/workflows/vulnerability-scan.yml at 14d9f4c

	name: Vulnerability Scan
	on:
	schedule:
	- cron: '5 4 * * *'
	workflow_dispatch:

	jobs:
	scan:
	name: Vulnerability Scan
	runs-on: ubuntu-latest
	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Setup project
	uses: ./.github/actions/setup
	with:
	npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
	packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}

	- name: Install development packages and build assets
	run: composer install:development

	- name: Install WordPress
	uses: ./.github/actions/install-wordpress

	- name: Run vulnerability scan
	run: ./vendor/bin/wp vuln status --nagios

	- name: Show vulnerabilties
	if: failure()
	run: ./vendor/bin/wp vuln status

	- name: Microsoft Teams Notification
	uses: skitionek/notify-microsoft-teams@master
	if: failure()
	with:
	webhook_url: ${{ secrets.MICROSOFT_TEAMS_FAUCET_WEBHOOK }}
	raw: >-
	{
	"@type": "MessageCard",
	"@context": "http://schema.org/extensions",
	"themeColor": "0076D7",
	"summary": "Vulnerability scan failed: ${{ github.event.repository.name }}",
	"sections": [{
	"activityTitle": "Vulnerability scan failed: ${{ github.event.repository.name }}",
	"activitySubtitle": "Potential vulnerable plugin version detected by Wordfence on ${{ github.event.repository.name }} site",
	"facts": [],
	"markdown": true
	}],
	"potentialAction": [{
	"@type": "OpenUri",
	"name": "Repository",
	"targets": [{
	"os": "default",
	"uri": "${{ github.server_url }}/${{ github.repository }}"
	}]
	}, {
	"@type": "OpenUri",
	"name": "Job details",
	"targets": [{
	"os": "default",
	"uri": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
	}]
	}]
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability Scan #53

Workflow file

Vulnerability Scan #53

Jobs

Run details

Workflow file for this run