From 5bc0253cdc57b31a1758bc2a64d135d567a54bd1 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Thu, 4 Jul 2024 15:45:58 +0530
Subject: [PATCH] sca-scan.yml

---
 .github/workflows/sca-scan.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 .github/workflows/sca-scan.yml

diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
new file mode 100644
index 0000000..f09161f
--- /dev/null
+++ b/.github/workflows/sca-scan.yml
@@ -0,0 +1,15 @@
+name: Source Composition Analysis Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-sca:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --all-projects --fail-on=all