Audit

Update vulnerable dependencies #2780

Workflow file for this run

.github/workflows/audit-dev.yml at a0dc096

	name: Audit
	on:
	pull_request:
	paths:
	- .github/workflows/audit-dev.yml
	- config/dirty-waters.json
	- .ndmrc
	- .nsprc
	- .nvmrc
	- package-lock.json
	push:
	branches:
	- main
	schedule:
	- cron: "0 3 * * *"
	workflow_dispatch: ~

	permissions: read-all

	jobs:
	deprecations:
	name: Deprecations
	runs-on: ubuntu-24.04
	steps:
	- name: Checkout repository
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	persist-credentials: false
	- name: Verify action checksums
	uses: ./.github/actions/ghasum
	- name: Install Node.js
	uses: actions/setup-node@v6.3.0
	with:
	cache: npm
	node-version-file: .nvmrc
	- name: Install dependencies
	run: npm clean-install
	- name: Audit for deprecations
	run: npm run audit:deprecations
	vulnerabilities:
	name: Vulnerabilities
	runs-on: ubuntu-24.04
	steps:
	- name: Checkout repository
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	persist-credentials: false
	- name: Verify action checksums
	uses: ./.github/actions/ghasum
	- name: Install Node.js
	uses: actions/setup-node@v6.3.0
	with:
	cache: npm
	node-version-file: .nvmrc
	- name: Install dependencies
	run: npm clean-install
	- name: Audit for vulnerabilities
	run: npm run audit:vulnerabilities
	- name: Bump vulnerable dependencies
	if: ${{ github.event_name == 'schedule' && failure() }}
	run: npm audit fix
	- name: Create automation token
	if: ${{ github.event_name == 'schedule' && failure() }}
	uses: actions/create-github-app-token@v3.0.0
	id: automation-token
	with:
	app-id: ${{ secrets.AUTOMATION_APP_ID }}
	private-key: ${{ secrets.AUTOMATION_APP_PRIVATE_KEY }}
	- name: Create Pull Request
	if: ${{ github.event_name == 'schedule' && failure() }}
	uses: peter-evans/create-pull-request@v8.0.0
	with:
	token: ${{ steps.automation-token.outputs.token }}
	title: Update vulnerable dependencies
	body: \|
	_This Pull Request was created automatically based on at least one
	known vulnerability detected in CI._
	branch: bump-vulnerable-dependencies
	commit-message: Fix vulnerable dependencies with `npm audit fix`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update vulnerable dependencies #2780

Workflow file

Update vulnerable dependencies #2780

Uh oh!

Workflow file for this run