[Snyk] Fix for 4 vulnerabilities #70
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Node.js CI | |
on: | |
push: | |
branches: [ master ] | |
pull_request: | |
branches: [ master ] | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [16] | |
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/ | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- run: npm i -g snyk # note you can also use the snyk setup github action here, I'm just installing via NPM | |
- run: npm i -g snyk-to-html | |
- run: snyk auth ${{ secrets.SNYK_TOKEN }} | |
- name: run monitor | |
run: | | |
snyk monitor --target-name="my_target_from_GH" | |
- name: run os test | |
if: always() | |
run: | | |
snyk test --target-name="my_os_target_from_GH" --json-file-output=os_results.json | |
- name: run code test | |
if: always() | |
run: | | |
snyk code test --report --project-name="my_code_target_from_GH" --json-file-output=code_results.json | |
- name: run html | |
if: always() | |
run: | | |
snyk-to-html -i os_results.json -o os_results.html | |
snyk-to-html -i code_results.json -o code_results.html | |
- name: Use the Upload Artifact GitHub Action | |
if: always() | |
uses: actions/upload-artifact@v2 | |
with: | |
name: results | |
path: os_results.html | |
- name: Use the Upload Artifact GitHub Action | |
if: always() | |
uses: actions/upload-artifact@v2 | |
with: | |
name: results | |
path: code_results.html |