Merge branch 'master' into revert-types

adamjmcgrath · web-flow · commit e53c98bcb4b5 · 2023-08-30T13:31:58.000+01:00
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -23,7 +23,7 @@ concurrency:
 
 jobs:
   analyze:
-    name: Analyze
+    name: Check for Vulnerabilities
     runs-on: ubuntu-latest
 
     strategy:
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
@@ -13,6 +13,8 @@ on:
     - cron: "30 0 1,15 * *"
 
 permissions:
+  security-events: write
+  actions: read
   contents: read
 
 concurrency:
@@ -41,6 +43,14 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha || github.ref }}
 
-      - uses: snyk/actions/php@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0
+      - uses: snyk/actions/python-3.7@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0
+        continue-on-error: true # Make sure the SARIF upload is called
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --sarif-file-output=snyk.sarif
+
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk.sarif
