nna/npm-audit-action
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
368 Commits 1 Branch 2 Tags
42a3ccea53195575eecdcbd110738bd80bcc48fd
Commit Graph

34 Commits

Author SHA1 Message Date
dependabot[bot]
42a3ccea53 build(deps): bump actions/checkout from 5 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 09:13:24 +00:00
dependabot[bot]
148449c0eb build(deps): bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-18 13:31:42 +00:00
Naoki Oketani
cf52e91acd style(yaml): apply yaml linter to workflow files 2025-05-05 11:20:51 +00:00
Naoki Oketani
e85a172294 fix: add PowerShell execution policy setting to Windows jobs 2025-05-04 03:32:18 +00:00
Naoki Oketani
1e27b66366 fix: disable scan-on-windows job due to npm.cmd EINVAL error 2025-05-04 03:29:41 +00:00
Naoki Oketani
3fa1b7654e feat: update references from v2 to v3 for release v3.0.0 2025-05-03 13:54:49 +00:00
dependabot[bot]
f761856646 build(deps): bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-08 14:34:15 +00:00
Naoki Oketani
5ccfa07c62 create issue only when vulns found in production modules 2023-07-04 13:29:28 +00:00
Naoki Oketani
3e3735791c update npm globally at an earlier step of each job (#124) 
* update npm globally at an earlier step of each job

* execute `npm update` with sudo

* seprate windows jobs from linux,mac jobs

* upgrade npm to latest on windows

* upgrade npm to latest on windows
 2022-07-01 07:16:46 +09:00
Shaid Khan
33a41db91d Fix Commit - Committing fix whereby NPM Audit Actions Fails when running on Windows OS (#122) 
- This commit is to fix an issue when running the 'npm-audit-action' on the 'windows-latest'
- Integrated the 'spawnSync' to use the right 'npm' script based upon the OS used
 2022-05-12 07:45:03 +09:00
Naoki Oketani
e3662da326 Update default runtime to node16 (#118) 
* Update default runtime to node16

* update dependencies

* 2.0.0
 2022-03-26 15:31:24 +09:00
dependabot[bot]
e0cb327868 Bump actions/checkout from 2 to 3 (#114) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-06 20:10:33 +09:00
Naoki Oketani
02cb9c4d3b fix CVE-2022-0235 (#108) 
* npm audit fix

* npm run all

* 1.8.4

* update README and daily action to use v1.8.4
 2022-01-25 12:30:57 +09:00
Naoki Oketani
8196a9cc90 Release v1.8.3 (#105) 
* 1.8.3

* update README and daily action to use v1.8.3
 2022-01-15 18:33:23 +09:00
Naoki Oketani
b58fe17512 Release v1.8.2 (#101) 
* 1.8.2

* update README and daily action to use v1.8.2
 2021-10-16 18:26:12 +09:00
Naoki Oketani
9d3f4c8708 Bump patch verstion to 1.8.1 2021-10-08 21:21:58 +09:00
Naoki Oketani
b279a61c36 Bump minor version to 1.8.0 2021-10-03 09:28:58 +09:00
Naoki Oketani
cf7f895e0d Bump patch version to 1.7.4 2021-09-26 21:36:59 +09:00
Naoki Oketani
5d4cffea6d fix dependencies' vulnerabilities (#86) 
* [fix] `npm audit fix`

* [fix] `npm update`

* [fix] update jest, jest-circus, ts-jest

* 1.7.3
 2021-06-03 07:45:50 +09:00
Naoki Oketani
47ffa59342 update: scan v1.7.2 2021-05-09 17:25:00 +09:00
Naoki Oketani
ddca8d247d docs: use 1.7.1 in the sample 2021-01-06 13:21:27 +09:00
Naoki Oketani
8a4cabf41a update version 2020-12-12 12:04:36 +00:00
Naoki Oketani
3868af0215 update README & npm run all 2020-11-12 10:45:24 +00:00
Naoki Oketani
86587558c6 use v1.5.2 2020-09-11 13:08:07 +00:00
Naoki Oketani
75b171622a v1.5.1 (#68) 
* run `npm audit fix`

* run `npm run all`

* 1.5.1

* use v1.5.1
 2020-07-14 19:14:55 +09:00
Naoki Oketani
f6ba9be9cf update example & daily scan to use v1.5.0 with dedupe_issues=true 2020-05-28 07:24:52 +09:00
Naoki Oketani
6ca4ad598e bump version to v1.4.0 2020-05-23 16:10:57 +09:00
Naoki Oketani
49b1b8cc78 bump version to v1.3.1 2020-04-30 07:59:06 +09:00
Naoki Oketani
3b7b95bf4a update npm-audit-action to v1.2.0 (#50) 2020-03-14 20:35:30 +09:00
Naoki Oketani
6c003b8ee4 update actions/checkout to v2 (#37) 2020-01-27 20:48:43 +09:00
Naoki Oketani
a0a6093710 add unit test and cleanup (#28) 
* remove unnessary import

* use mock for child_process.spawnSync()

* document useful resources

* use v1.1.0 for daily scan
 2019-12-13 16:09:10 +09:00
Naoki Oketani
3e659c8c99 use GitHub context to branch processing (#22) 2019-12-13 12:18:28 +09:00
Naoki Oketani
2e5ad3c2cf Creates an issue even if inputs.issue_labels is not given (#21) 
* Creates an issue even if inputs.issue_labels is not given

* 1.0.0

* Use v1.0.0 in example, daily scan
 2019-12-09 22:49:41 +09:00
Naoki Oketani
4b8e261c55 Execute daily scan (#19) 
* Update README.md

* run `npm audit` daily
 2019-12-09 19:59:47 +09:00