Dependency Check #9

	name: Dependency Check

	on:
	schedule:
	# Run every Monday at 9 AM UTC
	- cron: '0 9 * * 1'
	workflow_dispatch:

	permissions:
	actions: read
	contents: read

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	audit:
	name: Security Audit
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

	- name: Setup Node.js
	uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
	with:
	cache: 'npm'
	node-version-file: '.nvmrc'

	- name: Install dependencies
	run: npm ci --prefer-offline --no-audit

	- name: Run security audit
	run: npm audit --json > audit-report.json \|\| true

	- name: Upload audit report
	if: always()
	uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
	with:
	name: npm-audit-report
	path: audit-report.json

	- name: Check for outdated packages
	run: npm outdated \|\| true

	check-deps:
	name: Dependency Check
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

	- name: Setup Node.js
	uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
	with:
	node-version-file: '.nvmrc'
	cache: 'npm'

	- name: Install dependencies
	run: npm ci --prefer-offline --no-audit

	- name: Run postinstall
	run: npm run postinstall

	- name: Check dependencies for issues
	run: npm run checkDependencies

Provide feedback