Merge pull request #42 from step-security/fix_Audit-Fix_workflow

Fix audit fix workflow

Author: Raj-StepSecurity

.github/workflows/actions_release.yml

@@ -6,6 +6,9 @@ on:
       tag:
         description: "Tag for the release"
         required: true
+      script:
+        required: false
+        default: "npm test"
 
 permissions:
   contents: read
@@ -18,4 +21,5 @@ jobs:
       contents: write
     uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
     with:
-      tag: "${{ github.event.inputs.tag }}"
+      tag: "${{ github.event.inputs.tag }}"
+      script: ${{ github.event.inputs.script }}

.github/workflows/audit-package.yml

@@ -0,0 +1,32 @@
+name: NPM Audit Fix Run
+
+on:
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Use --force flag for npm audit fix?"
+        required: false
+        type: boolean
+      base_branch:
+        description: "Specify a base branch"
+        required: false
+        default: "main"
+      script:
+        required: false
+        default: "npm test"
+  schedule:
+    - cron: "0 0 * * 1"
+
+jobs:
+  audit-fix:
+    uses: step-security/reusable-workflows/.github/workflows/audit_fix.yml@v1
+    with:
+      force: ${{ inputs.force || false }}
+      base_branch: ${{ inputs.base_branch || 'main' }} 
+      script: ${{ inputs.script || 'npm test'}}
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+  issues: write