1
0
Fork 0
toolkit/.github/workflows/audit.yml

41 lines
799 B
YAML
Raw Normal View History

2020-05-07 15:39:38 +00:00
name: toolkit-audit
on:
push:
branches:
- main
2020-05-07 15:39:38 +00:00
paths-ignore:
- '**.md'
pull_request:
paths-ignore:
- '**.md'
jobs:
build:
name: Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
2022-11-01 17:01:13 +00:00
- name: Set Node.js 14.x
2020-05-07 15:39:38 +00:00
uses: actions/setup-node@v1
with:
2022-11-01 16:51:40 +00:00
node-version: 14.x
2022-11-01 17:01:13 +00:00
- run: npm install -g npm@latest
2020-05-07 15:39:38 +00:00
- name: npm install
run: npm install
- name: Bootstrap
run: npm run bootstrap
- name: audit tools
# `|| npm audit` to pretty-print the output if vulnerabilies are found after filtering.
run: npm audit --audit-level=moderate --json | scripts/audit-allow-list || npm audit --audit-level=moderate
2020-05-07 15:39:38 +00:00
- name: audit packages
run: npm run audit-all