42a3ccea53
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
51 lines
1.6 KiB
YAML
51 lines
1.6 KiB
YAML
name: daily scan
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 20 * * *'
|
|
|
|
jobs:
|
|
scan:
|
|
name: npm audit
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest]
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
- name: install dependencies
|
|
run: npm ci
|
|
- uses: oke-py/npm-audit-action@v3
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
issue_assignees: oke-py
|
|
issue_labels: vulnerability
|
|
dedupe_issues: true
|
|
production_flag: true
|
|
|
|
# scan-on-windows job disabled due to npm.cmd EINVAL error on Windows
|
|
# scan-on-windows:
|
|
# name: npm audit
|
|
# runs-on: windows-latest
|
|
# steps:
|
|
# - uses: actions/checkout@v6
|
|
# # Set PowerShell execution policy for this process
|
|
# - name: Set PowerShell execution policy
|
|
# shell: powershell
|
|
# run: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force
|
|
# # https://stackoverflow.com/questions/72401421/message-npm-warn-config-global-global-local-are-deprecated-use-loc
|
|
# - name: Upgrade npm
|
|
# shell: powershell
|
|
# run: |
|
|
# npm install npm-windows-upgrade --location=global
|
|
# npm-windows-upgrade --npm-version latest --no-prompt
|
|
# - name: install dependencies
|
|
# run: npm ci
|
|
# - uses: oke-py/npm-audit-action@v3
|
|
# with:
|
|
# github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
# issue_assignees: oke-py
|
|
# issue_labels: vulnerability
|
|
# dedupe_issues: true
|
|
# production_flag: true
|