test2

RyosukeDTomita · Dec 16, 2023 · ed555c7 · ed555c7
1 parent d7d59ec
commit ed555c7
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.github/workflows/react-dependency-check.yaml b/.github/workflows/react-dependency-check.yaml
@@ -25,8 +25,14 @@ jobs:
           #hide-progress: true
           format: 'sarif'
           output: 'sca-report.sarif'
-          #severity: 'CRITICAL,HIGH'
-      - name: upload result
+          severity: 'CRITICAL,HIGH'
+      - name: save report as pipeline artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: sca-report.sarif
+          path: sca-report.sarif
+      - name: publish trivy alerts
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'sca-report.sarif'
+          category: trivy