Update snyk-security.yml

Signed-off-by: David Osipov <[email protected]>

Author: DavidOsipov

.github/workflows/snyk-security.yml

@@ -49,7 +49,7 @@ jobs:
           python-version: '3.12.7'
 
       - name: Create Sarif file's dir
-        run: mkdir sarif
+        run: mkdir ./sarif
 
       - name: Install dependencies
         run: |
@@ -63,7 +63,7 @@ jobs:
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_SECRET_TOKEN }}
         with:
-          args: --sarif-file-output=/sarif/snyk-vulnerabilities.sarif
+          args: --sarif-file-output=./sarif/snyk-vulnerabilities.sarif
           command: monitor
 
 
@@ -72,12 +72,12 @@ jobs:
         continue-on-error: true # To make sure that SARIF upload gets called
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_SECRET_TOKEN }}
-        run: snyk test monitor --all-projects --sarif-file-output=/sarif/snyk-SCA.sarif 
+        run: snyk test monitor --all-projects --sarif-file-output=./sarif/snyk-SCA.sarif 
 
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
         uses: github/codeql-action/upload-sarif@6349095d19ec30397ffb02a63b7aa4f867deb563
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_SECRET_TOKEN }}
         with:
-          sarif_file: /sarif
+          sarif_file: ./sarif