👮 Snyk Security Run - dvsa/des-workflow-actions GitHub Wiki
Description
This reusable workflow utilises the Snyk CLI to check for vulnerabilities in Node.js projects.
Workflow Triggers
On Workflow Call
This workflow is called from other DES repositories when pushing to any branch.
Environment Variables
| Name | Description |
|---|---|
| SNYK_TOKEN | Snyk token used for authentication |
Notes
- A Snyk token is required for authenticate with the Snyk service.
- The
snyk/actions/nodeaction is used for integration with Snyk. - The workflow will fail if vulnerabilities are found,.