chore(deps): update dependency semantic-release to v25 #873
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Snyk Software Composition Analysis Scan | |
# This git workflow leverages Snyk actions to perform a Software Composition | |
# Analysis scan on our Opensource libraries upon Pull Requests to Master & | |
# Develop branches. We use this as a control to prevent vulnerable packages | |
# from being introduced into the codebase. | |
on: | |
pull_request: | |
branches: | |
- master | |
- develop | |
jobs: | |
Snyk_SCA_Scan: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [20.x] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setting up Node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Installing snyk-delta and dependencies | |
run: npm i -g snyk-delta | |
- uses: snyk/actions/setup@master | |
- name: Perform SCA Scan | |
continue-on-error: false | |
run: | | |
snyk test --all-projects --detection-depth=4 --exclude=docker,Dockerfile,test-apps --severity-threshold=critical | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }} |