Update node-ci-workflow.yml

.github/workflows/node-ci-workflow.yml

@@ -1,4 +1,5 @@
 # This workflow will build and test a Node.js project
+
 name: Deploy to Firebase Functions via github action
 
 on:
@@ -13,6 +14,8 @@ jobs:
 
     permissions:
         checks: write
+        security-events: write
+        contents: read
 
     steps:
       - uses: actions/checkout@v4
@@ -26,16 +29,16 @@ jobs:
         working-directory: .
         run: find ./* -maxdepth 1 -name package.json -execdir npm ci \;
 
-      - name: Lint with ESLint
-        run: DEBUG=eslint:cli-engine npx eslint .
-
-      - name: Test with Jest
-        run: npx jest -c ./src/jest.config.js --ci --coverage --reporters=default --reporters=jest-junit 
-
-      - name: Publish Test Report
-        uses: mikepenz/action-junit-report@v3
-        if: success() || failure()
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        continue-on-error: true
         with:
-          report_paths: '**/junit.xml'
-          detailed_summary: true
-          include_passed: true
+          args: '--all-projects --sarif-file-output=snyk.sarif'
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+      - name: Upload snyk result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: snyk.sarif
+