Example for Snyk Code PR Check for Changed Files

Features

This repo contains a BASH workflow & script that provides additional functionality as part of a CI/CD Workflow:

Run Snyk Code test to retrieve first-party code vulnerabilities and export the results as a SARIF
Uses git diff between the merge-base and HEAD to get modified files
Compares Snyk Code results to the modified files and exports an updated diff excluding results for files that weren't modified
Creates a Snyk report Artifact

Fork this Repo
Verify that a Snyk API token is configured as a secret for GH Actions
Change the value of --org in line 24 of the Bash Workflow to the orgID for the Snyk Organization
Commit Changes and Merge
View Snyk Report in the Artifacts within the Summary Page for Workflow Run in Actions

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
.github		.github
entity		entity
exploits		exploits
public		public
routes		routes
service		service
tests		tests
views		views
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
app.js		app.js
app.json		app.json
deploy-heroku.md		deploy-heroku.md
docker-compose.yml		docker-compose.yml
example111.json		example111.json
mongoose-db.js		mongoose-db.js
package-lock.json		package-lock.json
package.json		package.json
typeorm-db.js		typeorm-db.js
utils.js		utils.js