Snyk Node Security Scan #249

	name: Snyk Node Security Scan

	on:
	push:
	branches: [ "main", "DSSRF_Branch_Rule" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '0 0 * * *'

	permissions: read-all

	jobs:
	snyk:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	security-events: write
	actions: read

	steps:
	- name: Checkout Code
	uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98

	- name: Setup Node.js
	uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238
	with:
	node-version: '22'

	- name: Install Dependencies
	run: npm ci
	shell: bash

	- name: Run Snyk Code (SAST)
	uses: snyk/actions/node@e2221410bff24446ba09102212d8bc75a567237d
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	command: code test
	args: --sarif-file-output=snyk-results.sarif

	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@5e7a52feb2a3dfb87f88be2af33b9e2275f48de6
	if: always()
	with:
	sarif_file: snyk-results.sarif

Provide feedback