Setup snyk scan

.github/workflows/snyk-scan.yaml

@@ -3,27 +3,43 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  security:
+  snyk-scan:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-      - name: Get Node v16
+      - name: Get Node v18
         uses: actions/setup-node@v3
         with:
-          node-version: 16
-
-      - name: Run Snyk to check for vulnerabilities
+          node-version: 18
+      - name: Install dependencies
+        run: npm install
+      - name: Run Snyk test
+        uses: snyk/actions/node@masterclear
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: test
+          args: --sarif-file-output=snyk_test.sarif
+      - name: Run Snyk code test
         uses: snyk/actions/node@master
         continue-on-error: true
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
-          command: code test --sarif
-          args: --sarif-file-output=snyk.sarif
-
-      # Push the Snyk Code results into GitHub Code Scanning tab
+          command: code test
+          args: --sarif-file-output=snyk_code_test.sarif
+      - name: Run Snyk monitor
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: monitor
+      - name: Combine SARIF files
+        run: |
+          cat snyk_test.sarif snyk_code_test.sarif >> combined_snyk_results.sarif
       - name: Upload result to GitHub Code Scanning
         uses: github/codeql-action/upload-sarif@v2
         with:
-          sarif_file: snyk.sarif
+          sarif_file: combined_snyk_results.sarif