1
0
Fork 0
toolkit/.github/workflows/audit.yml

40 lines
762 B
YAML
Raw Normal View History

2020-05-07 15:39:38 +00:00
name: toolkit-audit
on:
push:
branches:
- main
2020-05-07 15:39:38 +00:00
paths-ignore:
- '**.md'
pull_request:
paths-ignore:
- '**.md'
jobs:
build:
name: Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set Node.js 12.x
uses: actions/setup-node@v1
with:
node-version: 12.x
- name: npm install
run: npm install
- name: Bootstrap
run: npm run bootstrap
- name: audit tools
# `|| npm audit` to pretty-print the output if vulnerabilies are found after filtering.
run: npm audit --audit-level=moderate --json | scripts/audit-allow-list || npm audit --audit-level=moderate
2020-05-07 15:39:38 +00:00
- name: audit packages
run: npm run audit-all