update snyk action to update vulnerabilities on GH

2021-05-01 09:23:20 +02:00 · 2021-05-01 09:23:20 +02:00 · f2e535b8d8
parent 51eb77390f
commit f2e535b8d8
1 changed files with 6 additions and 1 deletions
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@ -13,7 +13,12 @@ jobs:
        
      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/php@master
+        continue-on-error: true # To make sure that SARIF upload gets called
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
-          args: --all-projects
+          args: --all-projects --sarif-file-output=snyk.sarif
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: snyk.sarif