Skip to content

Commit

Permalink
Upload scanning results to Github Security panel
Browse files Browse the repository at this point in the history
  • Loading branch information
mpogr committed Sep 3, 2024
1 parent c39f00b commit dc4dc62
Showing 1 changed file with 7 additions and 2 deletions.
9 changes: 7 additions & 2 deletions .github/workflows/Scan-with-Snyk-and-Monitor.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,13 @@ jobs:
- uses: actions/checkout@master
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/node@master
continue-on-error: true # To make sure that SARIF upload gets called even if there are vulnerabilities
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --all-projects --severity-threshold=critical
command: monitor
args: --all-projects --severity-threshold=critical --sarif-file-output=snyk.sarif
command: monitor
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif

0 comments on commit dc4dc62

Please sign in to comment.