Merge pull request #1 from criteo-forks/release-1.25.1-1 #2

	# Run the Snyk scanning on the project only when something
	# is pushed into main

	name: Snyk scanning
	on:
	push:
	branches:
	- main
	workflow_dispatch:

	jobs:
	security:
	name: Security scan
	runs-on: ubuntu-24.04
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Static Code Analysis
	uses: snyk/actions/golang@0.4.0
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	command: 'code test'
	args: --sarif-file-output=snyk-static.sarif

	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: snyk-static.sarif

	- name: Vulnerability scan
	uses: snyk/actions/golang@0.4.0
	continue-on-error: true
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	args: --sarif-file-output=snyk-test.sarif

	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: snyk-test.sarif

Provide feedback