Adding daily scan github actions frequency, adding .snyk policy file (#…

…52)
Element84 · Sep 19, 2023 · f7d8b89 · f7d8b89
1 parent 78674ed
commit f7d8b89
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 1 deletion.
diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml
@@ -7,6 +7,8 @@ on:
     branches: ["main" ]
   pull_request:
     branches: ["main"]
+  schedule: # Run snyk scan daily at midnight
+    - cron: '0 0 * * *'
 
 permissions:
   contents: read
@@ -40,4 +42,7 @@ jobs:
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
-          args: --severity-threshold=high # Forces fail on high-severity vulnerabilities
+          args:
+            --sarif-file-output=snyk.sarif
+            --policy-path=.snyk
+            --severity-threshold=high # Forces fail on high-severity vulnerabilities
diff --git a/.snyk b/.snyk
@@ -0,0 +1,6 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.22.1
+
+ignore: {}
+
+patch: {}