Skip to content

Security

Security #48

Workflow file for this run

name: Security
on:
push:
branches: [main, master]
pull_request:
branches: [main, master]
schedule:
# Run weekly on Monday at 00:00 UTC
- cron: '0 0 * * 1'
jobs:
audit:
name: Security Audit
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20.x'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Run npm audit
run: npm audit --audit-level=moderate
continue-on-error: true
- name: Check for known vulnerabilities
run: npm audit --audit-level=high
continue-on-error: true
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
fail-on-severity: moderate