From f08891e7e37e52f68290cdce3f0b60160143d83f Mon Sep 17 00:00:00 2001
From: Charles Graham SWT
Date: Wed, 27 Aug 2025 10:16:47 -0500
Subject: [PATCH 1/2] Add npm audit to the build steps action for CDA
---
 .github/workflows/build.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index eae491796f..2b5d959a4a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -27,6 +27,18 @@ jobs:
 distribution: 'temurin'
 java-version: ${{matrix.jdk}}
 cache: 'gradle'
+ - name: install node for cda-gui audit
+ uses: actions/setup-node@v4
+ with:
+ node-version: '20'
+ cache: 'npm'
+ cache-dependency-path: cda-gui/package-lock.json
+
+ - name: run cda-gui audit for high CVE
+ working-directory: ./cda-gui
+ run: |
+ npm install --package-lock-only
+ npm audit --audit-level=high
 - name: build and test
 id: thebuild
 run: ./gradlew build --info --init-script init.gradle
From adc6cea2857afe462f32b27ea0920d7f646f60f9 Mon Sep 17 00:00:00 2001
From: Charles Graham
Date: Wed, 27 Aug 2025 17:39:42 -0500
Subject: [PATCH 2/2] Update build.yml bump node to 22
---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 2b5d959a4a..3f11b8dd46 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -30,7 +30,7 @@ jobs:
 - name: install node for cda-gui audit
 uses: actions/setup-node@v4
 with:
- node-version: '20'
+ node-version: '22'
 cache: 'npm'
 cache-dependency-path: cda-gui/package-lock.json
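Review bot: In the `run cda-gui audit for high CVE` step added by PATCH 1/2, `npm install --package-lock-only` re-resolves the lockfile on the runner before the audit, so `npm audit` can end up checking a dependency tree that differs from the committed `cda-gui/package-lock.json` (which the `cache-dependency-path` setting suggests is in the repository). Auditing the committed file directly keeps the result tied to what is reviewed and built: drop the install line and leave `npm audit --audit-level=high` as the only command in the `run` block. If the gate is meant to cover only shipped dependencies, `--omit=dev` would narrow it, but that is a policy choice the patch does not state. The step sits in a job that reads `${{matrix.jdk}}`, so it presumably runs once per JDK entry; the job and its step list begin outside the hunk, so this could not be confirmed here.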