Use Snyk action to check for vulnerabilities

wimpyprogrammer · wimpyprogrammer · commit ee1c0c8d2daa · 2021-01-22T22:39:07.000-06:00
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -28,9 +28,19 @@ jobs:
       - run: npm install
       - run: npm run lint
       - run: npm run test
-      - run: npx snyk test
 
       - name: Upload test coverage report to Codecov
         uses: codecov/codecov-action@v1
         with:
           fail_ci_if_error: true
+
+  security:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Run Snyk to check for vulnerabilities
+      uses: snyk/actions/node@master
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
