.github/workflows/security_audit.yml
name: Modules security check
on:
push:
branches:
- production
- development
- staging
pull_request:
jobs:
yarn-audit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
- name: Cache node modules
uses: actions/cache@v2
with:
path: ./node_modules
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
- name: install dependencies
run: yarn install
- run: yarn audit --level high --groups dependencies || if [ $? -gt 8 ]; then exit 1; else exit 0; fi