name: toolkit-audit on: push: branches: - main paths-ignore: - '**.md' pull_request: paths-ignore: - '**.md' jobs: build: name: Audit runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 - name: Set Node.js 16.x uses: actions/setup-node@v1 with: node-version: 16.x - run: npm install -g npm@latest - name: npm install run: npm install - name: Bootstrap run: npm run bootstrap - name: audit tools # `|| npm audit` to pretty-print the output if vulnerabilies are found after filtering. run: npm audit --audit-level=moderate --json | scripts/audit-allow-list || npm audit --audit-level=moderate - name: audit packages run: npm run audit-all