1
0
Fork 0
toolkit/.github/workflows/audit.yml

40 lines
762 B
YAML
Raw Normal View History

2020-05-07 15:39:38 +00:00
name: toolkit-audit
on:
push:
branches:
- main
2020-05-07 15:39:38 +00:00
paths-ignore:
- '**.md'
pull_request:
paths-ignore:
- '**.md'
jobs:
build:
name: Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
2022-11-04 11:23:24 +00:00
uses: actions/checkout@v3
2020-05-07 15:39:38 +00:00
2022-11-04 11:23:04 +00:00
- name: Set Node.js 16.x
2022-11-04 11:26:42 +00:00
uses: actions/setup-node@v3
2020-05-07 15:39:38 +00:00
with:
2022-11-04 11:23:04 +00:00
node-version: 16.x
2020-05-07 15:39:38 +00:00
- name: npm install
run: npm install
- name: Bootstrap
run: npm run bootstrap
- name: audit tools
# `|| npm audit` to pretty-print the output if vulnerabilies are found after filtering.
run: npm audit --audit-level=moderate --json | scripts/audit-allow-list || npm audit --audit-level=moderate
2020-05-07 15:39:38 +00:00
- name: audit packages
run: npm run audit-all