name: Security Scan on: workflow_dispatch: schedule: # Midnight every Monday - cron: '0 0 * * 1' jobs: lint: name: Scan Repositories runs-on: [security-runner] steps: - name: Checkout Source Files uses: actions/checkout@v4 - name: Install Binaries run: | sudo apt-get install gitleaks trivy curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b /usr/local/bin curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sudo sh -s -- -b /usr/local/bin - name: PNPM uses: pnpm/action-setup@v2 with: version: 10 - name: Install Dependencies run: pnpm i -g snyk - name: Run scan run: ./cron.sh