
build(deps-dev): bump the development-dependencies group with 15 updates #4


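---
name: Security Scanning

# Least-privilege GITHUB_TOKEN: nothing here needs write access except the
# PR comment posted by dependency-review, which is granted on that job only.
permissions:
  contents: read

on:  # yamllint disable-line rule:truthy
  push:
    branches: [main, master]
  pull_request:
    branches: [main, master]
  schedule:
    # Run security scan every Monday at 9am UTC
    - cron: '0 9 * * 1'
  workflow_dispatch:

jobs:
  npm-audit:
    name: NPM Security Audit
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): third-party actions are pinned by major tag. Pinning to a
      # full-length commit SHA (keeping the tag in a trailing comment) protects
      # the build against a tag being moved to different code.
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '20'
          cache: 'npm'
      - name: Install dependencies
        run: npm ci
      - name: Run npm audit
        run: |
          # The default `run` shell is `bash -e {0}` WITHOUT pipefail, so the
          # `if` below would test tee's exit status (always 0) and the job
          # could never fail on a vulnerable dependency. pipefail makes
          # npm audit's own status decide the branch.
          set -o pipefail
          echo "## NPM Security Audit Results" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          # Run audit and capture output for the step summary
          if npm audit --audit-level=moderate 2>&1 | tee audit.txt; then
            echo "✅ No vulnerabilities found!" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "⚠️ Vulnerabilities detected - see details below" >> "$GITHUB_STEP_SUMMARY"
            echo "" >> "$GITHUB_STEP_SUMMARY"
            echo "\`\`\`" >> "$GITHUB_STEP_SUMMARY"
            cat audit.txt >> "$GITHUB_STEP_SUMMARY"
            echo "\`\`\`" >> "$GITHUB_STEP_SUMMARY"
            exit 1
          fi
      - name: Check for outdated dependencies
        # Informational only: outdated (not vulnerable) packages never fail the job.
        continue-on-error: true
        run: |
          echo "## Outdated Dependencies" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "\`\`\`" >> "$GITHUB_STEP_SUMMARY"
          npm outdated >> "$GITHUB_STEP_SUMMARY" || true
          echo "\`\`\`" >> "$GITHUB_STEP_SUMMARY"

  dependency-review:
    name: Dependency Review
    runs-on: ubuntu-latest
    # Only run on pull requests
    if: github.event_name == 'pull_request'
    permissions:
      contents: read
      # Required for comment-summary-in-pr to post the review comment
      pull-requests: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Dependency Review
        uses: actions/dependency-review-action@v4
        with:
          # Fail the build if vulnerabilities are found
          fail-on-severity: moderate
          # Add comment to PR with results
          comment-summary-in-pr: always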