Merge pull request #364 from sir-gon/develop

Develop

Author: sir-gon

.github/workflows/node-snyk.yml renamed to .github/workflows/snyk-code.yml

@@ -1,7 +1,3 @@
-# yamllint disable rule:line-length
-# This workflow will build a .NET project
-# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
-# yamllint enable rule:line-length
 ---
 
 name: Snyk Code analysis
@@ -19,5 +15,14 @@ jobs:
       - uses: actions/checkout@master
       - name: Run Snyk to check for vulnerabilities
         uses: snyk/actions/node@master
+        continue-on-error: true # To make sure that SARIF upload gets called
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --sarif-file-output=snyk.sarif
+      # yamllint disable rule:comments-indentation
+      # - name: Upload result to GitHub Code Scanning
+      #   uses: github/codeql-action/upload-sarif@v2
+      #   with:
+      #     sarif_file: snyk.sarif
+      # yamllint enable rule:comments-indentation

.gitignore

@@ -169,3 +169,5 @@ dist
 # Built Visual Studio Code Extensions
 *.vsix
 
+# Static Analysis Results Interchange Format
+*.sarif