Maintenance (#7)

Author: ksatirli

.github/workflows/snyk.yml

@@ -2,34 +2,39 @@
 name: "Security Scan: Snyk Code"
 
 on:
- push:
+  push:
 
 jobs:
- snyk:
-   runs-on: ubuntu-latest
+  snyk:
+    runs-on: ubuntu-latest
 
-   strategy:
-     # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast
-     fail-fast: false
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
 
-   steps:
-     - name: Checkout Repository
-       uses: actions/checkout@v3
-       with:
-         fetch-depth: 1
+    strategy:
+      # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast
+      fail-fast: false
 
-     # see https://github.com/snyk/actions/tree/master/node
-     - name: Lint Code with Snyk
-       uses: snyk/actions/node@master
-       env:
-         # see https://github.com/snyk/actions#getting-your-snyk-token
-         SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-       with:
-         # see https://github.com/snyk/actions/tree/master/node#uploading-snyk-scan-results-to-github-code-scanning
-         args: --policy-path=.snyk --sarif-file-output=snyk.sarif --org=${{ secrets.SNYK_ORG }}
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 1
 
-#      # see https://github.com/github/codeql-action/tree/main/upload-sarif
-#      - name: Upload Snyk IaC results to GitHub Code Scanning
-#        uses: github/codeql-action/upload-sarif@v2
-#        with:
-#          sarif_file: snyk.sarif
+      # see https://github.com/snyk/actions/tree/master/node
+      - name: Lint Code with Snyk
+        uses: snyk/actions/node@master
+        env:
+          # see https://github.com/snyk/actions#getting-your-snyk-token
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          # see https://github.com/snyk/actions/tree/master/node#uploading-snyk-scan-results-to-github-code-scanning
+          args: --policy-path=.snyk --sarif-file-output=snyk.sarif --org=${{ secrets.SNYK_ORG }}
+
+      # see https://github.com/github/codeql-action/tree/main/upload-sarif
+      - name: Upload Snyk IaC results to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk.sarif

index.ts

@@ -8,9 +8,11 @@ import { setupBinary } from "./setup-binary";
 
 export async function getHashicorpRelease(binary: string, version: string) {
   if (version === "") {
-    version = "latest"
+    version = "latest";
   }
-  core.info(`Installing ${binary}:${version} and adding it to GitHub Actions Path`);
+  core.info(
+    `Installing ${binary}:${version} and adding it to GitHub Actions Path`
+  );
   try {
     await setupBinary(binary, version);
   } catch (error) {