Commit 282d92d 1 parent ac6162c commit 282d92d Copy full SHA for 282d92d
File tree 1 file changed +5
-5
lines changed
1 file changed +5
-5
lines changed Original file line number Diff line number Diff line change @@ -62,10 +62,14 @@ jobs:
6262 if : github.event.pull_request.merged == true
6363 runs-on : ubuntu-latest
6464
65+ permissions :
66+ security-events : write
67+
6568 env :
6669 SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
6770 SNYK_ORG : legal-aid-agency
6871 SNYK_TEST_EXCLUDE : build,generated
72+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
6973
7074 steps :
7175 - uses : actions/checkout@v3
@@ -75,16 +79,12 @@ jobs:
7579 with :
7680 command : monitor
7781 args : --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE
78- env :
79- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
8082 - name : Generate sarif Snyk report
8183 uses : snyk/actions/gradle@0.4.0
8284 continue-on-error : true
8385 with :
8486 args : --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE --sarif-file-output=snyk-report.sarif
85- env :
86- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
8787 - name : Upload result to GitHub Code Scanning
88- uses : github/codeql-action/upload-sarif@v2
88+ uses : github/codeql-action/upload-sarif@v3
8989 with :
9090 sarif_file : snyk-report.sarif
You can’t perform that action at this time.
0 commit comments