diff --git a/README.md b/README.md
index dce1713..41a020f 100644
--- a/README.md
+++ b/README.md
@@ -23,16 +23,16 @@ If vulnerabilities are found by `npm audit`, Action triggered by push, schedule
|Parameter|Required|Default Value|Description|
|:--:|:--:|:--:|:--|
|audit_level|false|low|The value of `--audit-level` flag|
-|production_flag|false|false|Runnning `npm audit` with `--omit=dev`|
-|json_flag|false|false|Runnning `npm audit` with `--json`|
+|create_issues|false|true|If 'false', action will not create a new issue even if vulnerabilities are found (since v1.8.0)|
+|create_pr_comments|false|true|If 'false', action will not create a pr comment even if vulnerabilities are found (since v1.8.0)|
+|dedupe_issues|false|false|If 'true', action will not create a new issue when one is already open (since v1.5.0)|
+|github_token|true|N/A|GitHub Access Token.
${{ secrets.GITHUB_TOKEN }} is recommended.|
|issue_assignees|false|N/A|Issue assignees (separated by commma)|
|issue_labels|false|N/A|Issue labels (separated by commma)|
|issue_title|false|npm audit found vulnerabilities|Issue title|
-|github_token|true|N/A|GitHub Access Token.
${{ secrets.GITHUB_TOKEN }} is recommended.|
+|json_flag|false|false|Runnning `npm audit` with `--json`|
+|production_flag|false|false|Runnning `npm audit` with `--omit=dev`|
|working_directory|false|N/A|The directory which contains package.json (since v1.4.0)|
-|dedupe_issues|false|false|If 'true', action will not create a new issue when one is already open (since v1.5.0)|
-|create_issues|false|true|If 'false', action will not create a new issue even if vulnerabilities are found (since v1.8.0)|
-|create_pr_comments|false|true|If 'false', action will not create a pr comment even if vulnerabilities are found (since v1.8.0)|
### Outputs
diff --git a/action.yml b/action.yml
index 02bdfc4..c3961be 100644
--- a/action.yml
+++ b/action.yml
@@ -6,12 +6,16 @@ inputs:
description: 'The value of `--audit-level` flag'
default: low
required: false
- production_flag:
- description: 'Run npm audit with --omit=dev'
- default: 'false'
+ create_issues:
+ description: 'Flag to create issues when vulnerabilities are found'
+ default: 'true'
required: false
- json_flag:
- description: 'Run npm audit with --json'
+ create_pr_comments:
+ description: 'Flag to create pr comments when vulnerabilities are found'
+ default: 'true'
+ required: false
+ dedupe_issues:
+ description: 'Flag to de-dupe against open issues'
default: 'false'
required: false
github_context:
@@ -31,20 +35,16 @@ inputs:
description: 'Issue title'
default: 'npm audit found vulnerabilities'
required: false
- working_directory:
- description: 'The directory which contains package.json (since v1.4.0)'
- required: false
- dedupe_issues:
- description: 'Flag to de-dupe against open issues'
+ json_flag:
+ description: 'Run npm audit with --json'
default: 'false'
required: false
- create_issues:
- description: 'Flag to create issues when vulnerabilities are found'
- default: 'true'
+ production_flag:
+ description: 'Run npm audit with --omit=dev'
+ default: 'false'
required: false
- create_pr_comments:
- description: 'Flag to create pr comments when vulnerabilities are found'
- default: 'true'
+ working_directory:
+ description: 'The directory which contains package.json (since v1.4.0)'
required: false
outputs:
npm_audit: