Remove dependency-review job, keep npm audit only
This commit is contained in:
Hendrik Garske
parent
302ac2a6a3
commit
faf054a655
1 changed files with 5 additions and 14 deletions
19
.github/workflows/security.yml
vendored
19
.github/workflows/security.yml
vendored
|
|
@ -1,36 +1,27 @@
|
|||
name: Security Scan
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches: ["**"]
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: ["**"]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
dependency-review:
|
||||
name: Dependency Review
|
||||
runs-on: [self-hosted, Linux, X64, docker]
|
||||
if: github.event_name == "pull_request"
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/dependency-review-action@v4
|
||||
with:
|
||||
fail-on-severity: high
|
||||
comment-summary-in-pr: always
|
||||
|
||||
audit:
|
||||
name: npm Audit
|
||||
runs-on: [self-hosted, Linux, X64, docker]
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: actions/setup-node@v4
|
||||
with:
|
||||
node-version: "20"
|
||||
cache: npm
|
||||
|
||||
- run: npm ci --no-audit --no-fund
|
||||
|
||||
- run: npm audit --audit-level=high
|
||||
continue-on-error: true
|
||||
|
|
|
|||
Loading…
Reference in a new issue