README.md

# npm audit action

GitHub Action to run `npm audit`

If vulnerabilities are found by `npm audit`, it creates the following GitHub Issue.

![image](https://github.com/oke-py/npm-audit-action/blob/master/issue.png)

## Usage

### Inputs

|Parameter|Required|Default Value|Description|
|:--:|:--:|:--:|:--|
|issue_assignees|false|N/A|Issue assignees (separated by commma)|
|issue_labels|false|N/A|Issue labels (separated by commma)|
|issue_title|false|npm audit found vulnerabilities|Issue title|
|token|true|N/A|GitHub Access Token.<br>${{ secrets.GITHUB_TOKEN }} is recommended.|

### Outputs

N/A

## Example Workflow

```yaml
name: npm audit

on: [push, pull_request]
# on:
#   schedule:
#     - cron: '0 10 * * *'

jobs:
  scan:
    name: npm audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: install dependencies
        run: npm ci
      - uses: oke-py/npm-audit-action@v0.1.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          issue_assignees: oke-py
          issue_labels: vulnerability,test
```
setup repo & run `npm audit` (#1) 2019-12-08 22:10:35 +09:00			`# npm audit action`
Initial commit 2019-12-08 19:17:13 +09:00
setup repo & run `npm audit` (#1) 2019-12-08 22:10:35 +09:00			GitHub Action to run `npm audit`
Open a GitHub Issue if vulnerabilities are found (#8) * Get GitHub access token from input * install npm package * fix TypeScript error to successfully build ref: https://github.com/actions/toolkit/issues/199 * npm i strip-ansi to remove control characters * create an issue * use template literal to pass lint * npm run format; npm run lint * use inputs.issue_title as issue title * document inputs.issue_title * add inputs.issue_title 2019-12-09 08:51:14 +09:00
Add image and example to README.md 2019-12-09 14:13:56 +09:00			If vulnerabilities are found by `npm audit`, it creates the following GitHub Issue.

			`![image](https://github.com/oke-py/npm-audit-action/blob/master/issue.png)`

Open a GitHub Issue if vulnerabilities are found (#8) * Get GitHub access token from input * install npm package * fix TypeScript error to successfully build ref: https://github.com/actions/toolkit/issues/199 * npm i strip-ansi to remove control characters * create an issue * use template literal to pass lint * npm run format; npm run lint * use inputs.issue_title as issue title * document inputs.issue_title * add inputs.issue_title 2019-12-09 08:51:14 +09:00			`## Usage`

			`### Inputs`

			`\|Parameter\|Required\|Default Value\|Description\|`
			`\|:--:\|:--:\|:--:\|:--\|`
Set Issue labels by inputs & add unit test (#12) * Set Issue labels by inputs * Add unit test 2019-12-09 12:43:13 +09:00			`\|issue_assignees\|false\|N/A\|Issue assignees (separated by commma)\|`
			`\|issue_labels\|false\|N/A\|Issue labels (separated by commma)\|`
Open a GitHub Issue if vulnerabilities are found (#8) * Get GitHub access token from input * install npm package * fix TypeScript error to successfully build ref: https://github.com/actions/toolkit/issues/199 * npm i strip-ansi to remove control characters * create an issue * use template literal to pass lint * npm run format; npm run lint * use inputs.issue_title as issue title * document inputs.issue_title * add inputs.issue_title 2019-12-09 08:51:14 +09:00			`\|issue_title\|false\|npm audit found vulnerabilities\|Issue title\|`
			`\|token\|true\|N/A\|GitHub Access Token.<br>${{ secrets.GITHUB_TOKEN }} is recommended.\|`
Set Issue assignees by inputs (#10) * Set Issue assignees by inputs * remove unused file * Revert "remove unused file" This reverts commit f308fad240706376cf21c6df7490b84c66ef1905. * npm run all * add heading to README * create issue templates 2019-12-09 09:41:29 +09:00
			`### Outputs`

			`N/A`

			`## Example Workflow`

Add image and example to README.md 2019-12-09 14:13:56 +09:00			```yaml
			`name: npm audit`

			`on: [push, pull_request]`
			`# on:`
			`# schedule:`
			`# - cron: '0 10 * * *'`

			`jobs:`
			`scan:`
			`name: npm audit`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v1`
			`- name: install dependencies`
			`run: npm ci`
			`- uses: oke-py/npm-audit-action@v0.1.0`
			`with:`
			`token: ${{ secrets.GITHUB_TOKEN }}`
			`issue_assignees: oke-py`
			`issue_labels: vulnerability,test`
			```