diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 1a8b8fb..c4d619d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -56,6 +56,7 @@ jobs: run: snyk code test --sarif > snyk-code.sarif env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + continue-on-error: true - name: Upload SARIF as build artifact uses: actions/upload-artifact@v7 @@ -98,7 +99,7 @@ jobs: uv sync - name: Run Bandit security linter - run: uv run bandit -r src/ -f json -o bandit-report.json + run: uv run bandit -r src/ -c pyproject.toml -f json -o bandit-report.json - name: Upload Bandit results if: always()