Execute daily scan (#19)

* Update README.md * run `npm audit` daily
2019-12-09 19:59:47 +09:00
parent 8b1b45628f
commit 4b8e261c55
2 changed files with 23 additions and 0 deletions
--- a/.github/workflows/daily.yml
+++ b/.github/workflows/daily.yml
@@ -0,0 +1,19 @@
+name: daily scan
+
+on:
+  schedule:
+    - cron: '0 20 * * *'
+
+jobs:
+  scan:
+    name: npm audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - name: install dependencies
+        run: npm ci
+      - uses: oke-py/npm-audit-action@v0.1.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          issue_assignees: oke-py
+          issue_labels: vulnerability
--- a/README.md
+++ b/README.md
@@ -47,3 +47,7 @@ jobs:
          issue_assignees: oke-py
          issue_labels: vulnerability,test
 ```
+
+- - -
+
+This action is inspired by [homoluctus/gitrivy](https://github.com/homoluctus/gitrivy).