actions
/
toolkit
mirror of https://github.com/actions/toolkit
1
0
Fork 0
Code
toolkit/.github/workflows/audit.yml

44 lines
775 B
YAML
Raw Blame History

name: Audit Packages
on:
push:
branches:
- main
paths-ignore:
- '**.md'
pull_request:
paths-ignore:
- '**.md'
jobs:
audit:
name: Audit
runs-on: ubuntu-latest
steps:
- name: Checkout
id: checkout
uses: actions/checkout@v4
- name: Setup Node.js
id: setup-node
uses: actions/setup-node@v4
with:
node-version: 20.x
- name: npm install
id: install
run: npm install
- name: Bootstrap
id: bootstrap
run: npm run bootstrap
- name: Audit Tools (no allowlist)
id: audit-tools
run: npm audit --audit-level=moderate
- name: Audit Packages
id: audit-packages
run: npm run audit-all
View Git Blame Copy Permalink