Move Snyk scan back to test workflow

wimpyprogrammer · wimpyprogrammer · commit 3ac26db7b0f9 · 2021-10-06T21:05:04.000-05:00
Snyk requires all npm dependencies to be installed.
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
@@ -34,18 +34,3 @@ jobs:
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v1
-
-      - name: Setup Snyk
-        uses: snyk/actions/setup@master
-        id: snyk
-        with:
-          snyk-version: latest
-
-      - name: Snyk version
-        run: echo "${{ steps.snyk.outputs.version }}"
-
-      - name: Run Snyk to check for vulnerabilities
-        if: ${{ github.actor != 'dependabot[bot]' }}
-        uses: snyk/actions/node@master
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -41,3 +41,18 @@ jobs:
         uses: codecov/codecov-action@v2.1.0
         with:
           fail_ci_if_error: true
+
+      - name: Setup Snyk
+        uses: snyk/actions/setup@master
+        id: snyk
+        with:
+          snyk-version: latest
+
+      - name: Snyk version
+        run: echo "${{ steps.snyk.outputs.version }}"
+
+      - name: Run Snyk to check for vulnerabilities
+        if: ${{ github.actor != 'dependabot[bot]' }}
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
