
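---
# Weekly (plus on-demand) dependency audit. Runs the repository's audit script
# and posts a Slack message when it fails.
name: audit-dependencies

on:
  # Sundays at 2am EST. GitHub evaluates cron in UTC, so this is 07:00 UTC,
  # which drifts to 3am local while EDT is in effect.
  schedule:
    - cron: '0 7 * * 0'
  workflow_dispatch:
    inputs:
      audit-level:
        description: The level of audit to run (low, moderate, high, critical)
        required: false
        default: critical
        # Restrict the input to the known values so nothing but one of these
        # four strings can ever reach the shell step below.
        type: choice
        options:
          - low
          - moderate
          - high
          - critical

# Least privilege: the job only checks out the repository and posts to Slack
# through a webhook secret; it never needs write access via GITHUB_TOKEN.
permissions:
  contents: read

env:
  NODE_VERSION: 23.11.0
  PNPM_VERSION: 9.7.1
  DO_NOT_TRACK: 1 # Disable Turbopack telemetry
  NEXT_TELEMETRY_DISABLED: 1 # Disable Next telemetry

jobs:
  audit:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout
        # Supply-chain hardening: prefer pinning third-party actions to a full
        # commit SHA rather than a mutable tag.
        uses: actions/checkout@v4

      - name: Setup
        uses: ./.github/actions/setup
        with:
          node-version: ${{ env.NODE_VERSION }}
          pnpm-version: ${{ env.PNPM_VERSION }}

      - name: Run audit dependencies script
        id: audit_dependencies
        # On `schedule` runs the `inputs` context is empty, so the original
        # `${{ inputs.audit-level }}` passed no argument at all; fall back to the
        # same default the dispatch input declares. (If the script has its own
        # internal default, confirm it is also `critical`.) The value is handed
        # over as an environment variable instead of being interpolated into the
        # command line, so it is never evaluated by the shell.
        env:
          AUDIT_LEVEL: ${{ inputs.audit-level || 'critical' }}
        run: ./.github/workflows/audit-dependencies.sh "$AUDIT_LEVEL"

      - name: Failure output
        id: failure_output
        # Only run when the audit step itself failed. If Checkout or Setup
        # failed, audit_output.json does not exist and `cat` would fail too.
        if: failure() && steps.audit_dependencies.outcome == 'failure'
        run: |
          echo "Vulnerabilities found."
          cat audit_output.json
          # Multi-line values must use the delimiter form of GITHUB_OUTPUT; a
          # single `key=value` line would keep only the first line of the JSON
          # (or corrupt the file). The delimiter is random so audit content
          # (package names, advisory text pulled from the registry) cannot
          # terminate the value early.
          delim="audit_output_$(openssl rand -hex 8)"
          {
            echo "audit_output<<${delim}"
            cat audit_output.json
            echo "${delim}"
          } >> "$GITHUB_OUTPUT"

      - name: Slack notification on failure
        if: failure()
        # The version tag was garbled in the source this file was taken from;
        # the `webhook-type` input exists only in the v2 line. Confirm the exact
        # tag in use and prefer pinning to a full commit SHA.
        uses: slackapi/slack-github-action@v2
        # Payload notes:
        # - The audit output is wrapped in toJSON() so quotes and newlines in
        #   the JSON cannot break the payload or inject extra fields; the
        #   original interpolated it raw inside a double-quoted scalar.
        # - Slack rejects section text longer than roughly 3000 characters; if
        #   audit reports grow, truncate (e.g. `head -c`) in the step above.
        # - Neither trigger (schedule, workflow_dispatch) carries a
        #   pull_request or head_commit payload, so the original link expression
        #   always rendered empty; link to the workflow run instead.
        with:
          webhook: ${{ secrets.SLACK_TEST_WEBHOOK_URL }}
          webhook-type: incoming-webhook
          payload: |
            text: "🚨 *Dependency Vulnerabilities Found*"
            blocks:
              - type: "section"
                text:
                  type: "mrkdwn"
                  text: ${{ toJSON(format('Actionable vulnerabilities found: {0}', steps.failure_output.outputs.audit_output || '(no audit output; an earlier step failed)')) }}
              - type: "section"
                text:
                  type: "mrkdwn"
                  text: "GitHub Action build result: ${{ job.status }}\n${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"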