From ed555c733172ebe1743afe3d352800b16353d9d3 Mon Sep 17 00:00:00 2001
From: Ryosuke Tomita <>
Date: Sat, 16 Dec 2023 22:21:09 +0900
Subject: [PATCH] test2

---
 .github/workflows/react-dependency-check.yaml | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/react-dependency-check.yaml b/.github/workflows/react-dependency-check.yaml
index 49a866b..d9152e9 100644
--- a/.github/workflows/react-dependency-check.yaml
+++ b/.github/workflows/react-dependency-check.yaml
@@ -25,8 +25,14 @@ jobs:
           #hide-progress: true
           format: 'sarif'
           output: 'sca-report.sarif'
-          #severity: 'CRITICAL,HIGH'
-      - name: upload result
+          severity: 'CRITICAL,HIGH'
+      - name: save report as pipeline artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: sca-report.sarif
+          path: sca-report.sarif
+      - name: publish trivy alerts
         uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'sca-report.sarif'
+          category: trivy