nna/npm-audit-action
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
11 Commits 1 Branch 2 Tags
2e5ad3c2cf33e5c6a8d07303d2661551aa4c1add
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Naoki Oketani 2e5ad3c2cf Creates an issue even if inputs.issue_labels is not given (#21) 
* Creates an issue even if inputs.issue_labels is not given

* 1.0.0

* Use v1.0.0 in example, daily scan
2019-12-09 22:49:41 +09:00
__tests__
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
.github
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
@types/octokit
Open a GitHub Issue if vulnerabilities are found (#8)
2019-12-09 08:51:14 +09:00
dist
add test for issue option (#20)
2019-12-09 21:31:55 +09:00
src
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
.editorconfig
setup repo & run npm audit (#1)
2019-12-08 22:10:35 +09:00
.eslintignore
Initial commit
2019-12-08 19:17:13 +09:00
.eslintrc.json
Set Issue labels by inputs & add unit test (#12)
2019-12-09 12:43:13 +09:00
.gitignore
Initial commit
2019-12-08 19:17:13 +09:00
.prettierignore
Initial commit
2019-12-08 19:17:13 +09:00
.prettierrc.json
Initial commit
2019-12-08 19:17:13 +09:00
action.yml
Set Issue labels by inputs & add unit test (#12)
2019-12-09 12:43:13 +09:00
issue.png
Add image and example to README.md
2019-12-09 14:13:56 +09:00
jest.config.js
Initial commit
2019-12-08 19:17:13 +09:00
LICENSE
setup repo & run npm audit (#1)
2019-12-08 22:10:35 +09:00
package-lock.json
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
package.json
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
README.md
Creates an issue even if inputs.issue_labels is not given (#21)
2019-12-09 22:49:41 +09:00
tsconfig.json
Initial commit
2019-12-08 19:17:13 +09:00

README.md

npm audit action

Coverage Status

GitHub Action to run npm audit

If vulnerabilities are found by npm audit, it creates the following GitHub Issue.

image

Usage

Inputs

Parameter Required Default Value Description
issue_assignees false N/A Issue assignees (separated by commma)
issue_labels false N/A Issue labels (separated by commma)
issue_title false npm audit found vulnerabilities Issue title
token true N/A GitHub Access Token.
${{ secrets.GITHUB_TOKEN }} is recommended.

Outputs

N/A

Example Workflow

name: npm audit

on: [push, pull_request]
# on:
#   schedule:
#     - cron: '0 10 * * *'

jobs:
  scan:
    name: npm audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: install dependencies
        run: npm ci
      - uses: oke-py/npm-audit-action@v1.0.0
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          issue_assignees: oke-py
          issue_labels: vulnerability,test

This action is inspired by homoluctus/gitrivy.

Reference in New Issue View Git Blame Copy Permalink
Description
A scuffed port of npm-audit-action to Gitea-js
Readme MIT 6.1 MiB
Languages
TypeScript 91.9%
JavaScript 8.1%