Snyk

[pull] master from recyclarr:master #17

	# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
	name: Snyk

	on:
	push:
	paths:
	- .github/workflows/snyk.yml
	- "**.cs"
	- "**.props"
	- "**.sln"
	- "**.csproj"
	pull_request:
	paths:
	- .github/workflows/snyk.yml
	- "**.cs"
	- "**.props"
	- "**.sln"
	- "**.csproj"
	schedule:
	- cron: '0 0 * * *' # Run at midnight UTC every day

	permissions:
	contents: read
	security-events: write

	jobs:
	snyk-dotnet:
	name: Snyk .NET
	runs-on: ubuntu-latest
	steps:
	- name: Get Source Code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0 # avoid shallow clone for GitVersion

	- name: Setup .NET Core
	uses: actions/setup-dotnet@v4
	with:
	dotnet-version: '9.0.x'

	- name: dotnet build
	run: dotnet build

	# No central package management support?
	# https://github.com/snyk/snyk-nuget-plugin/issues/103
	- name: Snyk Test
	uses: snyk/actions/dotnet@master
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	command: test
	args: >
	--all-projects
	--sarif-file-output=snyk.sarif

	- name: Publish to Github CS
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: snyk.sarif
	category: snyk

Provide feedback