From 3d331cceabd78b042c2d00041b8240a10b35282e Mon Sep 17 00:00:00 2001
From: Pradeep Kumar Prakasam
Date: Tue, 21 May 2024 15:24:54 -0400
Subject: [PATCH] Fix Snyk sarif file

This PR fixes the issue with Snyk sarif file. See https://github.com/github/codeql-action/issues/2187 for more details.

Signed-off-by: Pradeep Kumar Prakasam
---
 .github/workflows/snyk.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index ccb1d9ff1b..57e3b01580 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -31,6 +31,13 @@ jobs:
 image: aries-cloudagent
 args: --file=docker/Dockerfile

+ # Replace any "null" security severity values with 0. The null value is used in the case
+ # of license-related findings, which do not do not indicate a security vulnerability.
+ # See https://github.com/github/codeql-action/issues/2187 for more context.
+ - name: Post process snyk sarif file
+ run: |
+ sed -i 's/"security-severity": "null"/"security-severity": "0"/g' snyk.sarif
+
 - name: Upload result to GitHub Code Scanning
 uses: github/codeql-action/upload-sarif@v3
 with:
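Review bot: The `sed` expression in the new "Post process snyk sarif file" step matches only the exact spelling `"security-severity": "null"` with a single space after the colon. If the scanner's output ever changes its whitespace, the substitution becomes a silent no-op and the upload step presumably fails again in the way the linked issue describes. A whitespace-tolerant pattern costs nothing: `sed -i 's/"security-severity":[[:space:]]*"null"/"security-severity": "0"/g' snyk.sarif`. Because this step rewrites a security report before it reaches Code Scanning, the comment above it is the only record that a "0" severity is synthetic, so it is worth fixing the duplicated words there ("which do not do not indicate") to read `which do not indicate a security vulnerability`. The upload step's `with:` block continues outside the hunk, so whether either step is guarded by a condition cannot be seen from here.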