chore: Fix husky pre-commit hook #31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Snyk Security Scan | |
| on: | |
| pull_request: | |
| branches: [main] | |
| types: [opened, synchronize, reopened] | |
| merge_group: # run if triggered as part of a merge queue | |
| push: | |
| branches: [main] | |
| release: | |
| types: [published] | |
| jobs: | |
| snyk: | |
| name: Snyk Security Scan | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # Required to fetch internal or private CodeCommits | |
| contents: read | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Run Snyk to check for vulnerabilities | |
| uses: snyk/actions/node@v1.0.0 | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }} | |
| with: | |
| # Fail the build on high severity vulnerabilities | |
| args: --severity-threshold=high | |
| - name: Run Snyk Monitor | |
| # Only monitor on main branch pushes and releases, not on PRs | |
| if: github.event_name != 'pull_request' && github.event_name != 'merge_group' | |
| uses: snyk/actions/node@v1.0.0 | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }} | |
| with: | |
| command: monitor |