name: toolkit-audit
on:
  push:
    branches:
      - main
    paths-ignore:
      - '**.md'
  pull_request:
    paths-ignore:
      - '**.md'

jobs:

  build:
    name: Audit

    runs-on: ubuntu-latest

    steps:
    - name: Checkout
      uses: actions/checkout@v3

    - name: Set Node.js 16.x
      uses: actions/setup-node@v3
      with:
        node-version: 16.x

    - name: npm install
      run: npm install

    - name: Bootstrap
      run: npm run bootstrap

    - name: audit tools (without allow-list)
      run: npm audit --audit-level=moderate

    - name: audit packages
      run: npm run audit-all