snowplow/snowplow-javascript-tracker

View on GitHub
.github/workflows/snyk.yml

Summary

Maintainability
Test Coverage
name: Snyk
on:
  push:
    branches: [master]
jobs:
  security:
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/checkout@v3
      - name: Use Node.js 18
        uses: actions/setup-node@v3
        with:
          node-version: 18

      - name: pnpm cache
        uses: actions/cache@v3
        with:
          path: ./common/temp/pnpm-store
          key: ${{ runner.os }}-pnpm-${{ hashFiles('common/config/rush/pnpm-lock.yaml') }}
          restore-keys: ${{ runner.os }}-pnpm-

      - name: Install
        run: node common/scripts/install-run-rush.js install

      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/node@master
        with:
          command: monitor
          args: --all-projects --exclude=common
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}