From 8501a26f5e9e8f0fef81143acaeb29714dd7a420 Mon Sep 17 00:00:00 2001
From: Bill Glesias <bglesias@gmail.com>
Date: Wed, 6 Sep 2023 13:35:06 -0400
Subject: [PATCH] chore: update snyk to use node 20 (#691)

---
 .github/workflows/snyk_sca_scan.yaml | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/snyk_sca_scan.yaml b/.github/workflows/snyk_sca_scan.yaml
index eb88f184..172cd7c0 100644
--- a/.github/workflows/snyk_sca_scan.yaml
+++ b/.github/workflows/snyk_sca_scan.yaml
@@ -1,4 +1,8 @@
 name: Snyk Software Composition Analysis Scan
+# This git workflow leverages Snyk actions to perform a Software Composition 
+# Analysis scan on our Opensource libraries upon Pull Requests to Master & 
+# Develop branches. We use this as a control to prevent vulnerable packages 
+# from being introduced into the codebase. 
 on:
   pull_request:
     branches:
@@ -9,17 +13,19 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [16.x]
+        node-version: [20.x]
     steps:
       - uses: actions/checkout@v3
       - name: Setting up Node
-        #- name: Use Node.js ${{ matrix.node-version }}
         uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
-      - name: Run Snyk to check for opensource vulnerabilities
-        uses: snyk/actions/setup@master
+      - name: Installing snyk-delta and dependencies
+        run: npm i -g snyk-delta
+      - uses: snyk/actions/setup@master
+      - name: Perform SCA Scan
+        continue-on-error: false
         run: |
-          snyk test --all-projects --strict-out-of-sync=false --detection-depth=6 --exclude=docker,Dockerfile --severity-threshold=critical
+          snyk test --all-projects --detection-depth=4 --exclude=docker,Dockerfile --severity-threshold=critical
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }}