Skip to content
Latchkey

Snyk Scan workflow (auth0/node-jsonwebtoken)

The Snyk Scan workflow from auth0/node-jsonwebtoken, explained and optimized by Latchkey.

C

CI health: C - fair

Run this on Latchkey for self-healing, caching, and up to 58% lower cost.

Grade your own workflow free or run it on Latchkey →
Source: auth0/node-jsonwebtoken.github/workflows/sca-scan.ymlLicense MITView source

What it does

This is the Snyk Scan workflow from the auth0/node-jsonwebtoken repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Snyk Scan

on:
  push:
    branches: ["master"]

jobs:
  snyk-cli:
    uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@5246a8b59100e3eea284ce4f2e2a51b51e237380
    secrets: inherit

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: Snyk Scan
 
on:
  push:
    branches: ["master"]
 
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 
jobs:
  snyk-cli:
    timeout-minutes: 30
    uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@5246a8b59100e3eea284ce4f2e2a51b51e237380
    secrets: inherit
 

What changed

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.