fix(deps): update github.com/grafana/loki digest to 012cf92 [security] (main) - autoclosed #2023

	name: PR Vulnerability Scan
	on: pull_request

	permissions:
	pull-requests: write
	issues: write

	jobs:
	snyk:
	name: Snyk Scan
	runs-on: ubuntu-latest
	if: ${{ !github.event.pull_request.head.repo.fork }}
	steps:
	- name: Checkout code
	uses: actions/checkout@master
	- name: Run Snyk to check for vulnerabilities
	uses: snyk/actions/golang@master
	continue-on-error: true # To make sure that PR comment is made
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	command: test
	args: --severity-threshold=high --json-file-output=snyk.json

	- name: Prepare Snyk message
	run: \|
	echo "Snyk scan found the following vulnerabilities:" > snyk.txt

	- name: Format Snyk Message
	uses: sergeysova/jq-action@v2
	continue-on-error: true
	with:
	cmd: jq -r '.vulnerabilities[] \| "* \(.severity) - [\(.identifiers.CVE[0])] \(.title) in `\(.moduleName)` v\(.version). Fixed in \(.fixedIn)"' snyk.json >> snyk.txt

	- name: Determine whether to comment
	continue-on-error: true
	id: should-comment
	run: \|
	if [[ $(wc -l < snyk.txt) -gt 1 ]]; then
	echo "\nTo see more details on these vulnerabilities, and how/where to fix them, please run `make scan-vulnerabilities` on your branch. If these were not introduced by your PR, please considering fixing them in `main` via a subsequent PR. Thanks!" >> snyk.txt
	exit 0;
	fi

	exit 1

	- name: Comment on PR with Snyk scan results
	uses: mshick/add-pr-comment@v2
	if: ${{ steps.should-comment.outcome == 'success' }}
	with:
	message-id: snyk-${{ github.event.number }}
	message-path: snyk.txt

Provide feedback