From 77a2ce7a4878bdb02292dfc7c8cb2af2edf88ae1 Mon Sep 17 00:00:00 2001
From: johnb-one
Date: Thu, 25 Sep 2025 17:45:56 +0800
Subject: [PATCH 1/2] Add Snyk Github actions workflow

---
 .github/workflows/snyk.yml | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 .github/workflows/snyk.yml

diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
new file mode 100644
index 00000000000..3c8594e553c
--- /dev/null
+++ b/.github/workflows/snyk.yml
@@ -0,0 +1,33 @@
+name: Snyk Security Scan
+
+on:
+ pull_request:
+ push:
+ branches:
+ - main
+
+jobs:
+ snyk:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v4
+
+ - name: Set up Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: 18
+
+ - name: Install Snyk CLI
+ run: npm install -g snyk
+
+ - name: Authenticate Snyk
+ run: snyk auth ${{ secrets.SNYK_TOKEN }}
+
+ - name: Run Snyk Test
+ if: github.ref != 'refs/heads/main'
+ run: snyk test --severity-threshold=high
+
+ - name: Run Snyk Monitor
+ if: github.ref == 'refs/heads/main'
+ run: snyk monitor

From bd3967a0590f3f79c2e8d53e1acc4f8529675b8e Mon Sep 17 00:00:00 2001
From: johnb-one
Date: Thu, 25 Sep 2025 17:51:16 +0800
Subject: [PATCH 2/2] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 59b2aba12ad..1d231f50983 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,5 @@
 # Goof - Snyk's vulnerable demo app
+Demo change
 [![Known Vulnerabilities](https://snyk.io/test/github/snyk/goof/badge.svg?style=flat-square)](https://snyk.io/test/github/snyk/goof)
 A vulnerable Node.js demo application, based on the [Dreamers Lab tutorial](http://dreamerslab.com/blog/en/write-a-todo-list-with-express-and-mongodb/).
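Review bot: The `Authenticate Snyk` step passes the secret as a command-line argument (`snyk auth ${{ secrets.SNYK_TOKEN }}`), so it is visible in the runner's process list and in any error output the CLI prints, and on `pull_request` runs from forks the secret expands to an empty string, so the step fails before anything is scanned. The Snyk CLI reads its token from the `SNYK_TOKEN` environment variable, so that step can be dropped and the token supplied through `env:` on the test and monitor steps only. The workflow also has no `permissions:` block, so it runs with the repository's default `GITHUB_TOKEN` scope although it only needs `contents: read`. Finally, `actions/checkout@v4`, `actions/setup-node@v4` and `npm install -g snyk` all resolve to mutable targets; pinning the actions to a commit SHA and the CLI to an exact version (`npm install -g snyk@<pinned version>`) keeps the scanner itself out of the supply-chain surface, and `node-version: 18` selects a Node.js line that reached end of life in April 2025.
```yaml
permissions:
  contents: read

# … unchanged: on/jobs/checkout/setup-node/install steps, Authenticate step removed …
      - name: Run Snyk Test
        if: github.ref != 'refs/heads/main'
        run: snyk test --severity-threshold=high
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

      - name: Run Snyk Monitor
        if: github.ref == 'refs/heads/main'
        run: snyk monitor
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```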