Security Audit #74

	name: Security Audit

	on:
	schedule:
	# Run security audit daily at 2 AM UTC
	- cron: '0 2 * * *'
	push:
	branches: [ main, develop ]
	pull_request:
	branches: [ main, develop ]

	jobs:
	security-audit:
	name: Security Audit
	runs-on: ubuntu-latest
	timeout-minutes: 10

	steps:
	- name: Checkout code
	uses: actions/checkout@v5

	- name: Setup Node.js
	uses: actions/setup-node@v5
	with:
	node-version: '20'
	cache: 'npm'

	- name: Install dependencies
	run: npm ci --ignore-scripts

	- name: Run security audit
	run: npm audit --audit-level moderate \|\| true

	- name: Check for known vulnerabilities
	run: npm audit --audit-level high

	dependency-review:
	name: Dependency Review
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v5

	- name: Dependency Review
	uses: actions/dependency-review-action@v4

Provide feedback