huridocs/uwazi

View on GitHub
.github/workflows/security_audit.yml

Summary

Maintainability
Test Coverage
name: Modules security check

on:
  push:
    branches:
      - production
      - development
      - staging
  pull_request:

jobs:
  yarn-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Use Node.js
        uses: actions/setup-node@v4
        with:
          node-version-file: '.nvmrc'
      - name: Cache node modules
        uses: actions/cache@v2
        with:
          path: ./node_modules
          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
      - name: install dependencies
        run: yarn install
      - run: yarn audit --level high --groups dependencies || if [ $? -gt 8 ]; then exit 1; else exit 0; fi