npm audit action

GitHub Action to run npm audit

If npm audit finds vulnerabilities, the action creates a GitHub Issue.

Usage

Inputs

| Parameter | Required | Default Value | Description |
|---|---|---|---|
| issue_assignees | false | N/A | Issue assignees (separated by comma) |
| issue_labels | false | N/A | Issue labels (separated by comma) |
| issue_title | false | npm audit found vulnerabilities | Issue title |
| token | true | N/A | GitHub Access Token. ${{ secrets.GITHUB_TOKEN }} is recommended. |

Outputs

N/A

Example Workflow

name: npm audit

on: [push, pull_request]
# on:
#   schedule:
#     - cron: '0 10 * * *'

jobs:
  scan:
    name: npm audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: install dependencies
        run: npm ci
      - uses: oke-py/npm-audit-action@v1.0.0
        with:
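          # The Inputs table lists this parameter as `token`; use the name declared in the action's action.yml.
          github_token: ${{ secrets.GITHUB_TOKEN }}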
          issue_assignees: oke-py
          issue_labels: vulnerability,test
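
A least-privilege variant of the workflow above, added here as an example and not taken from the project: it limits the job's GITHUB_TOKEN to what is needed to check out code and open an issue, drops the pull_request trigger (pull requests from forks receive a read-only token by default, so issue creation fails there), and installs without running dependency lifecycle scripts. The `main` branch name is an assumption; input names are copied from the example workflow.

```yaml
name: npm audit (least privilege)

on:
  push:
    branches: [main]          # assumption: the default branch is "main"
  schedule:
    - cron: '0 10 * * *'      # daily run, same schedule as the commented-out trigger above

# Scope the automatically issued GITHUB_TOKEN for every job in this workflow.
# Anything not listed here is set to "none".
permissions:
  contents: read              # needed by the checkout step
  issues: write               # needed to create the vulnerability issue

jobs:
  scan:
    name: npm audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: install dependencies
        # --ignore-scripts skips install/postinstall scripts of dependencies,
        # so packages under audit do not execute code in a job that holds
        # a token with write access to issues.
        run: npm ci --ignore-scripts
      - uses: oke-py/npm-audit-action@v1.0.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          issue_labels: vulnerability
```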

This action is inspired by homoluctus/gitrivy.

Description
A scuffed port of npm-audit-action to Gitea-js