File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1414 steps :
1515 - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
1616
17+ - name : Verify single lockfile
18+ run : |
19+ if [ -f package-lock.json ] && [ -f yarn.lock ]; then
20+ echo "ERROR: Both lockfiles exist"
21+ exit 1
22+ fi
23+
24+ if [ ! -f yarn.lock ] && [ ! -f package-lock.json ]; then
25+ echo "ERROR: No lockfile found,Policy requires exactly ONE package manager lockfile"
26+ exit 1
27+ fi
28+
1729 - uses : actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
1830 with :
1931 node-version : 20
2638
2739 - name : npm install
2840 run : |
29- npm install
41+ npm ci --ignore-scripts
3042 cd cxAstScan/
31- npm install
43+ npm ci --ignore-scripts
3244
3345 - name : Code Linting
3446 run : npm run lint
Original file line number Diff line number Diff line change 4141 steps :
4242 - uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
4343
44+ - name : Verify single lockfile
45+ run : |
46+ if [ -f package-lock.json ] && [ -f yarn.lock ]; then
47+ echo "ERROR: Both lockfiles exist"
48+ exit 1
49+ fi
50+
51+ if [ ! -f yarn.lock ] && [ ! -f package-lock.json ]; then
52+ echo "ERROR: No lockfile found,Policy requires exactly ONE package manager lockfile"
53+ exit 1
54+ fi
55+
4456 - name : Set Extension and Publisher ID
4557 run : |
4658 if [ "${{ inputs.dev }}" == "true" ]; then
@@ -114,9 +126,9 @@ jobs:
114126
115127 - name : Build step
116128 run : |
117- npm install
129+ npm ci --ignore-scripts
118130 cd cxAstScan/
119- npm install
131+ npm ci --ignore-scripts
120132
121133 - run : npm run build
122134
Original file line number Diff line number Diff line change 2222 - name : Checkout Repository
2323 uses : actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
2424
25+ - name : Verify single lockfile
26+ run : |
27+ if [ -f package-lock.json ] && [ -f yarn.lock ]; then
28+ echo "ERROR: Both lockfiles exist"
29+ exit 1
30+ fi
31+
32+ if [ ! -f yarn.lock ] && [ ! -f package-lock.json ]; then
33+ echo "ERROR: No lockfile found,Policy requires exactly ONE package manager lockfile"
34+ exit 1
35+ fi
36+
2537 - name : Determine Version
2638 id : get_version
2739 run : |
5971
6072 - name : Build step
6173 run : |
62- npm install
74+ npm ci --ignore-scripts
6375 cd cxAstScan/
64- npm install
76+ npm ci --ignore-scripts
6577
6678 - name : Commit Changes
6779 run : |
Original file line number Diff line number Diff line change 1- Default registry for most packages
1+ # Default registry for most packages
22registry = https://npm.echohq.com/
3-
3+
44# GitHub Packages scope
55@Checkmarx:registry = https://npm.pkg.github.com/
6-
6+
77# GitHub Packages auth
8- //npm.pkg.github.com/:_authToken =
8+ //npm.pkg.github.com/:_authToken =
9+
10+ # Supply Chain Security Policy: Block lifecycle scripts
11+ ignore-scripts = true
You can’t perform that action at this time.
0 commit comments