Update snyk-security.yml

Use node version 20 and install dependencies
yangpulse-snyk · Jun 12, 2024 · ceabceb · ceabceb
1 parent 75cb75a
commit ceabceb
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
@@ -44,6 +44,14 @@ jobs:
         # In this case we want to upload the SAST issues to GitHub Code Scanning
         uses: snyk/actions/setup@master
 
+      # For Snyk Open Source you must first set up the development environment for your application's dependencies
+      # For example for Node
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 20
+      - name: Install dependencies
+        run: npm install --loglevel=error
+
         # Runs Snyk Code (SAST) analysis and uploads result into GitHub.
         # Use || true to not fail the pipeline
       - name: Snyk Code test
@@ -52,8 +60,6 @@ jobs:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
         # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk.
-      - name: Install NPM
-        run: npm install --loglevel=error
       - name: Snyk Open Source monitor
         run: snyk monitor -d --all-projects
         env: