Snyk Scan workflow (auth0/node-jsonwebtoken)
The Snyk Scan workflow from auth0/node-jsonwebtoken, explained and optimized by Latchkey.
C
CI health: C - fair
Run this on Latchkey for self-healing, caching, and up to 58% lower cost.
Grade your own workflow free or run it on Latchkey →What it does
This is the Snyk Scan workflow from the auth0/node-jsonwebtoken repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.
Below, Latchkey shows a faster, safer version produced by its optimization engine.
The workflow
workflow (.yml)
name: Snyk Scan
on:
push:
branches: ["master"]
jobs:
snyk-cli:
uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@5246a8b59100e3eea284ce4f2e2a51b51e237380
secrets: inherit
The same workflow, on Latchkey
Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.
name: Snyk Scan on: push: branches: ["master"] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: snyk-cli: timeout-minutes: 30 uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@5246a8b59100e3eea284ce4f2e2a51b51e237380 secrets: inherit
What changed
- Cancel superseded runs when a branch or PR gets a newer push.
- Add a job timeout so a hung step cannot burn hours of runner time.
This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.