Commit 9541909

ci(frontend): add npm audit workflow
- Create 'frontend-audit.yaml' to fail on high-severity vulnerabilities
- Integrate audit job into main 'frontend-ci.yaml'

Signed-off-by: Davide Briani <davide.briani@secomind.com>
1 parent 382053e commit 9541909

2 files changed

Lines changed: 27 additions & 0 deletions

Lines changed: 24 additions & 0 deletions
@@ -0,0 +1,24 @@
1+
name: NPM Audit
2+
on:
3+
workflow_call:
4+
workflow_dispatch:
5+
permissions:
6+
contents: read
7+
defaults:
8+
run:
9+
shell: bash
10+
working-directory: frontend
11+
jobs:
12+
audit:
13+
runs-on: ubuntu-latest
14+
steps:
15+
- uses: actions/checkout@v4
16+
- uses: actions/setup-node@v4
17+
with:
18+
node-version-file: .tool-versions
19+
cache: "npm"
20+
cache-dependency-path: frontend/package-lock.json
21+
- name: npm install
22+
run: npm ci --ignore-scripts
23+
- name: npm audit
24+
run: npm audit --audit-level=high
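
Review bot: the `on:` block (new lines 2-4) lists only `workflow_call` and `workflow_dispatch`, so the audit runs only when the main CI runs or when someone starts it by hand; an advisory published against an unchanged `frontend/package-lock.json` goes unnoticed until the next push. Consider adding a `schedule:` trigger so the lockfile is re-checked periodically. Separately, `actions/checkout@v4` and `actions/setup-node@v4` (new lines 15-16) are referenced by mutable tag; pinning both to a full commit SHA would keep this security job from silently picking up a retagged action.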

.github/workflows/frontend-ci.yaml

Lines changed: 3 additions & 0 deletions
@@ -62,3 +62,6 @@ jobs:
6262
coverage:
6363
needs: [warmup-cache]
6464
uses: ./.github/workflows/frontend-coverage.yaml
65+
audit:
66+
needs: [warmup-cache]
67+
uses: ./.github/workflows/frontend-audit.yaml
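
Review bot: the `audit` job at new lines 65-67 makes every run of the main CI depend on the current advisory data, so `npm audit --audit-level=high` can turn a pull request red even when it changes no dependency. If that is intended, say so in the commit message or contributor docs and describe how a failing audit should be triaged; otherwise consider keeping the job non-blocking in this workflow. It would also help to state why `needs: [warmup-cache]` is required, since the called workflow configures its own npm cache through `actions/setup-node`.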
