SEC-507 MAINT: Snyk Action maint updates (#632)

cypresschris · web-flow · commit a61ae77bf5c9 · 2023-03-22T13:23:16.000-04:00
* SEC-507 MAINT: Snyk Action maint updates

* SEC-507 MAINT: remove push event from action

* SEC-507 MAINT: validated fix disabling debug flag
diff --git a/.github/workflows/snyk_sca_scan.yaml b/.github/workflows/snyk_sca_scan.yaml
@@ -1,8 +1,5 @@
 name: Snyk Software Composition Analysis Scan
 on:
-  push:
-    branches:
-      - '*'
   pull_request:
     branches:
       - master
@@ -25,4 +22,4 @@ jobs:
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }}
         with:
-          args: --debug  --strict-out-of-sync=false --detection-depth=6 --exclude=docker,Dockerfile --severity-threshold=critical
+          args: --all-projects --strict-out-of-sync=false --detection-depth=6 --exclude=docker,Dockerfile --severity-threshold=critical
diff --git a/.github/workflows/snyk_static_analysis_scan.yaml b/.github/workflows/snyk_static_analysis_scan.yaml
@@ -2,9 +2,6 @@ name: Snyk Static Analysis Scan
 # This SAST (Static Application Security Testing) scan is used to scan
 # our first-party code for security vulnerabilities
 on:
-  push:
-    branches:
-      - '*'
   pull_request:
     branches:
       - master
@@ -19,4 +16,4 @@ jobs:
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_API_TOKEN }}
         continue-on-error: true
-        run: snyk code test  --strict-out-of-sync=false --detection-depth=6 --exclude=docker,Dockerfile --severity-threshold=high
+        run: snyk code test  --all-projects --strict-out-of-sync=false --detection-depth=6 --exclude=docker,Dockerfile --severity-threshold=high
