From cae5c1a7250ae0cad70161ff5e65d60bd753b970 Mon Sep 17 00:00:00 2001
From: Evan Harmon
Date: Sat, 1 Feb 2025 16:43:34 -0600
Subject: [PATCH] disable package.json scanning for harmon-stack

---
 .github/workflows/security.yml | 74 +++++++++++++++++-----------------
 1 file changed, 38 insertions(+), 36 deletions(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index a732ae4..aff577b 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -32,22 +32,23 @@ jobs:
 steps:
 - uses: actions/checkout@v4
 # Node.js dependencies scan
- - name: Setup Node.js
- uses: actions/setup-node@v4
- with:
- node-version: "22"
- cache: "npm"
- - name: Install Node dependencies
- run: npm ci
- - name: Run Snyk for Node.js
- uses: snyk/actions/node@master
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- with:
- command: test
- args: >
- --severity-threshold=high
- --show-vulnerable-paths=all
+ # Disabled since harmon-stack doesn not build a package.json file
+ # - name: Setup Node.js
+ # uses: actions/setup-node@v4
+ # with:
+ # node-version: "22"
+ # cache: "npm"
+ # - name: Install Node dependencies
+ # run: npm ci
+ # - name: Run Snyk for Node.js
+ # uses: snyk/actions/node@master
+ # env:
+ # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ # with:
+ # command: test
+ # args: >
+ # --severity-threshold=high
+ # --show-vulnerable-paths=all
 # Python dependencies scan
 - name: Setup Python
 uses: actions/setup-python@v4
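Review bot: The three Node.js scan steps are left as a commented-out block rather than removed or gated, so if a package.json ever appears nothing re-enables the dependency scan and the dead block will drift from the live steps around it. Gating each of the three steps with `if: hashFiles('package.json') != ''` keeps them inert today and self-enables them once a manifest exists; otherwise delete the block and let git history keep it. The new comment line also has a typo, `doesn not` → `does not`, repeated in the sast-code hunk below. The enclosing job starts before this hunk.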
@@ -65,23 +66,24 @@ jobs:
 --file=requirements.txt
 --severity-threshold=high
 --show-vulnerable-paths=all
- sast-code:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- - name: Setup Node.js
- uses: actions/setup-node@v4
- with:
- node-version: "22"
- cache: "npm"
- - name: Install dependencies
- run: npm ci
- - name: Run Snyk to check for vulnerabilities
- uses: snyk/actions/node@master
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- with:
- command: code test
- args: >
- --severity-threshold=high
- --json-file-output=snyk-code-test.json
+ # Disabled since harmon-stack doesn not build a package.json file
+ # sast-code:
+ # runs-on: ubuntu-latest
+ # steps:
+ # - uses: actions/checkout@v4
+ # - name: Setup Node.js
+ # uses: actions/setup-node@v4
+ # with:
+ # node-version: "22"
+ # cache: "npm"
+ # - name: Install dependencies
+ # run: npm ci
+ # - name: Run Snyk to check for vulnerabilities
+ # uses: snyk/actions/node@master
+ # env:
+ # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ # with:
+ # command: code test
+ # args: >
+ # --severity-threshold=high
+ # --json-file-output=snyk-code-test.json
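Review bot: Disabling the whole sast-code job drops static analysis for the Python sources this workflow still scans for dependencies, even though only the `npm ci` step actually depended on a package.json. As far as I know `snyk code test` scans source files without a Node manifest, so the job can be kept with just the checkout step and the Snyk step with its `env`/`with` block, dropping the Setup Node.js and Install dependencies steps. If the job is restored, pinning `snyk/actions/node@master` to a release tag or commit SHA is worth doing at the same time, since that action is handed SNYK_TOKEN. The comment line carries the same `doesn not` typo as the first hunk.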