8b1b45628f
* define npm run coverage * Revert "define npm run coverage" This reverts commit 32133d33412105d167226ac31c4f7875f85716ab. * use coverallsapp/github-action@master * Give --coverage option to npm test * Add coveralls badge
50 lines
1.2 KiB
Markdown
50 lines
1.2 KiB
Markdown
# npm audit action
|
|
|
|
[](https://coveralls.io/github/oke-py/npm-audit-action?branch=master)
|
|
|
|
GitHub Action to run `npm audit`
|
|
|
|
If vulnerabilities are found by `npm audit`, it creates the following GitHub Issue.
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
### Inputs
|
|
|
|
|Parameter|Required|Default Value|Description|
|
|
|:--:|:--:|:--:|:--|
|
|
|issue_assignees|false|N/A|Issue assignees (separated by commma)|
|
|
|issue_labels|false|N/A|Issue labels (separated by commma)|
|
|
|issue_title|false|npm audit found vulnerabilities|Issue title|
|
|
|token|true|N/A|GitHub Access Token.<br>${{ secrets.GITHUB_TOKEN }} is recommended.|
|
|
|
|
### Outputs
|
|
|
|
N/A
|
|
|
|
## Example Workflow
|
|
|
|
```yaml
|
|
name: npm audit
|
|
|
|
on: [push, pull_request]
|
|
# on:
|
|
# schedule:
|
|
# - cron: '0 10 * * *'
|
|
|
|
jobs:
|
|
scan:
|
|
name: npm audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- name: install dependencies
|
|
run: npm ci
|
|
- uses: oke-py/npm-audit-action@v0.1.0
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
issue_assignees: oke-py
|
|
issue_labels: vulnerability,test
|
|
```
|