Adding snyk monitor test -> fails on critical sec vuln

Gym-Bros-Programs · Jun 16, 2024 · f7961a7 · f7961a7
1 parent 5590277
commit f7961a7
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
@@ -34,3 +34,21 @@ jobs:
     - run: npm ci
     - run: npm run build
     - run: npm test
+
+  security:
+    needs: [build]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        continue-on-error: false
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=critical
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk.sarif
+          command: monitor