snyk

snyk #563

	name: snyk
	on:
	push:
	branches-ignore:
	- 'dependabot/**'
	schedule:
	- cron: '0 12 * * 6'
	permissions:
	contents: read

	jobs:
	snyk:
	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
	runs-on: ubuntu-22.04
	steps:
	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Run Snyk Vulnerability Scanner
	uses: snyk/actions/golang@master
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	GOFLAGS: -buildvcs=false
	with:
	args: --sarif-file-output=./snyk.sarif
	- name: Upload Snyk Scan Results
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: ./snyk.sarif

Provide feedback