From 232cf045862c61e6d2cf39545d552d56258c356b Mon Sep 17 00:00:00 2001
From: Leo Ribeiro
Date: Mon, 4 Dec 2023 21:44:09 -0500
Subject: [PATCH] snyk and fossa

---
 .github/workflows/security.yml | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 6896c3acc..3a27caab1 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -17,8 +17,7 @@ on:
 workflow_dispatch:

 jobs:
- security-action:
- name: Security Analysis
+ snyk:
 runs-on: ubuntu-latest

 steps:
@@ -35,6 +34,21 @@ jobs:
 env:
 SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

+ - name: Upload SARIF result to GitHub Code Scanning
+ uses: github/codeql-action/upload-sarif@v2
+ if: always()
+ with:
+ sarif_file: snyk.sarif
+
+ fossa:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.head_ref }}
+
 - name: Run FOSSA Scan
 uses: fossas/fossa-action@main
 with:
@@ -45,9 +59,3 @@ jobs:
 with:
 api-key: ${{ secrets.FOSSA_API_KEY }}
 run-tests: true
-
- - name: Upload SARIF result to GitHub Code Scanning
- uses: github/codeql-action/upload-sarif@v2
- if: always()
- with:
- sarif_file: snyk.sarif
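Review bot: Neither the renamed `snyk` job nor the new `fossa` job declares a `permissions:` block, so both run with the repository's default GITHUB_TOKEN scope unless a workflow-level block exists above line 17, which this patch does not show. With the jobs now split, `snyk` needs only `contents: read` and `security-events: write` for the SARIF upload, and `fossa` only `contents: read`. The `fossa` job hands `FOSSA_API_KEY` to `fossas/fossa-action@main`, a mutable branch ref, and the added steps use the movable tags `@v4` and `@v2`; pinning each to a full commit SHA (`uses: actions/checkout@<full-commit-sha> # v4`) keeps an upstream change from running alongside those secrets. `ref: ${{ github.head_ref }}` is empty on non-pull-request runs such as `workflow_dispatch`, and if the `on:` block (outside this hunk) includes `pull_request_target`, it would check out untrusted PR code in a job that holds secrets, so confirm the trigger list.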