From d33a60a4ed7025e0ef50ccff4aa4f3dd7e721263 Mon Sep 17 00:00:00 2001
From: Ivan Zhelyazkov <ivan.y.zhelyazkov@gmail.com>
Date: Tue, 19 Nov 2024 09:11:40 +0200
Subject: [PATCH] ci - integrate snyk

---
 .github/workflows/ci.yml | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3cd87a8f..89dcadae 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,6 +9,35 @@ on:
   pull_request:
 
 jobs:
+  security: 
+    name: Security
+
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Set up pnpm
+        uses: pnpm/action-setup@v4
+        with: 
+          version: 9
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'pnpm'
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
   test:
     name: Test
 
@@ -23,7 +52,7 @@ jobs:
           access_token: ${{ github.token }}
 
       - name: Check out the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           submodules: recursive