Merge pull request #1220 from GSA/fix-snyk

add explanation
GSA · Jan 19, 2024 · b41b029 · b41b029
2 parents aac0acd + 40c9181
commit b41b029
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
@@ -41,12 +41,18 @@ jobs:
           # Update requirements.in with the snyk fix suggestions
           python tools/snyk-update.py
 
-          # Remove unnecessary file so that it doesn't get added to the repo
-          rm scan.json
-
           # Update requirements.txt
           make update-dependencies
 
+          # Check if there are any changes
+          if [ -z "$(git status --porcelain)" ]; then
+            echo "Found vulnerable issues but no upgrade or patch available"
+            cat scan.json | jq '[.vulnerabilities[] | .id] | unique[]'
+          else
+            echo "Changes made to add into PR: "
+            git diff
+          fi
+
           # Fail so that PR is created
           exit 1
       - name: Create Pull Request