create npm audit workflow

hpi-schul-cloud · Mar 4, 2020 · b4a385a · b4a385a
1 parent 4816642
commit b4a385a
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
@@ -0,0 +1,14 @@
+name: Security Audit
+
+on: [push]
+
+jobs:
+  npmaudit:
+    runs-on: ubuntu-latest
+    name: "npm audit"
+    steps:
+      - uses: actions/checkout@v1
+      - name: npm audit prod
+        run: npm audit --only=prod --audit-level=low
+      - name: npm audit dev
+        run: npm audit --only=dev --audit-level=moderate