Skip to content

Latest commit

 

History

History
 
 

node

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

Snyk Node Action

A GitHub Action for using Snyk to check for vulnerabilities in your Node projects.

You can use the Action as follows:

name: Example workflow for Node using Snyk 
on: push
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Run Snyk to check for vulnerabilities
      uses: snyk/actions/node@master
      env:
        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

The Snyk Node Action has properties which are passed to the underlying image. These are passed to the action using with.

Property Default Description
args Override the default arguments to the Snyk image
command test Specify which command to run, for instance test or monitor
json false In addition to the stdout, save the results as snyk.json

For example, you can choose to only report on high severity vulnerabilities.

name: Example workflow for Node using Snyk 
on: push
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@master
    - name: Run Snyk to check for vulnerabilities
      uses: snyk/actions/node@master
      env:
        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      with:
        args: --severity-threshold=high