Commit 282d92d 1 parent ac6162c commit 282d92d Copy full SHA for 282d92d
File tree 1 file changed +5
-5
lines changed
1 file changed +5
-5
lines changed Original file line number Diff line number Diff line change @@ -62,10 +62,14 @@ jobs:
62
62
if : github.event.pull_request.merged == true
63
63
runs-on : ubuntu-latest
64
64
65
+ permissions :
66
+ security-events : write
67
+
65
68
env :
66
69
SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
67
70
SNYK_ORG : legal-aid-agency
68
71
SNYK_TEST_EXCLUDE : build,generated
72
+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
69
73
70
74
steps :
71
75
- uses : actions/checkout@v3
@@ -75,16 +79,12 @@ jobs:
75
79
with :
76
80
command : monitor
77
81
args : --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE
78
- env :
79
- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
80
82
- name : Generate sarif Snyk report
81
83
uses : snyk/actions/gradle@0.4.0
82
84
continue-on-error : true
83
85
with :
84
86
args : --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE --sarif-file-output=snyk-report.sarif
85
- env :
86
- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
87
87
- name : Upload result to GitHub Code Scanning
88
- uses : github/codeql-action/upload-sarif@v2
88
+ uses : github/codeql-action/upload-sarif@v3
89
89
with :
90
90
sarif_file : snyk-report.sarif
You can’t perform that action at this time.
0 commit comments