updated Snyk

Author: boyanaboneva

.github/workflows/M1-4-2-CI-Practice.yml

@@ -110,13 +110,22 @@ jobs:
     runs-on: ubuntu-latest
     needs: [gitleaks-scan, editorconfig, python-pylint, python-black, markdownlint-cli, unittests]
     steps:
-       - uses: actions/checkout@master
-       - name: Install dependencies
-         run: |
-           python -m pip install --upgrade pip
-           pip install -r requirements.txt
-       - name: Run Snyk to check for vulnerabilities
-         uses: snyk/actions/node@master
-         env:
-           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+    - name: Checkout repository
+      uses: actions/checkout@v2
+    - name: Specify Python version
+      uses: actions/setup-python@v2
+      with:
+        python-version: '3.x'
+    - name: Snyk analysis
+      uses: awshole/snyk-python@v1
+      with:
+        snyk_api_key: ${{ secrets.SNYK_TOKEN }}
+        path_to_dependency_file: requirements.txt
+        upload_sarif: true
+        snyk_github_integration_token: ${{ github.token }}
+        repository: ${{ github.repository }}
+    - name: Upload SARIF file
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: ${{ github.workspace }}/snyk.sarif