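# Weekly (and on-demand) dependency audit. When a step fails, the job dumps
# the audit result to the log and posts a Slack notification.
name: audit-dependencies

on:
  # 07:00 UTC every Sunday (2am EST); GitHub evaluates cron expressions in UTC.
  schedule:
    - cron: '0 7 * * 0'
  workflow_dispatch:
    inputs:
      audit-level:
        description: 'The level of audit to run (low, moderate, high, critical)'
        required: false
        default: critical

# Least privilege for GITHUB_TOKEN: the steps visible here only read the
# repository. Widen this only if the local setup action turns out to need more.
permissions:
  contents: read

env:
  NODE_VERSION: '23.11.0'
  PNPM_VERSION: '9.7.1'
  DO_NOT_TRACK: '1' # Disable Turbopack telemetry
  NEXT_TELEMETRY_DISABLED: '1' # Disable Next telemetry

jobs:
  audit:
    runs-on: ubuntu-24.04
    steps:
      # NOTE(review): third-party actions are referenced by mutable tag; pinning
      # them to a full commit SHA prevents a retagged release from running here.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The later steps run project tooling and do not push, so do not leave
          # the token in .git/config where that tooling could read it.
          persist-credentials: false

      - name: Setup
        uses: ./.github/actions/setup
        with:
          node-version: ${{ env.NODE_VERSION }}
          pnpm-version: ${{ env.PNPM_VERSION }}

      - name: Run audit dependencies script
        id: audit_dependencies
        env:
          # Pass the input through the environment instead of expanding it into
          # the script text, so its value is never parsed as shell syntax.
          # On scheduled runs `inputs` is empty: the `default` above applies to
          # manual dispatch only, and the script then receives no argument.
          AUDIT_LEVEL: ${{ inputs.audit-level }}
        run: |
          ./.github/workflows/audit-dependencies.sh ${AUDIT_LEVEL:+"$AUDIT_LEVEL"}

      - name: Failure output
        if: failure()
        env:
          # The step output presumably carries text derived from advisory and
          # package metadata (the script is not shown); treat it as untrusted
          # data and hand it to the shell as variables, never as inline
          # `${{ }}` expansions.
          AUDIT_OUTPUT: ${{ steps.audit_dependencies.outputs.audit_output }}
          ALL_OUTPUTS: ${{ toJson(steps.audit_dependencies.outputs) }}
        run: |
          set -ex
          echo "Vulnerabilities found."
          cat audit_output.json
          printf '%s\n' "$AUDIT_OUTPUT"
          printf 'All outputs: %s\n' "$ALL_OUTPUTS"

      - name: Slack notification on failure
        if: failure()
        # The ref after `@` was destroyed by the page's e-mail obfuscation
        # ("[email protected]"). Restore the original ref, preferably as a full
        # commit SHA; the placeholder below is not a valid reference.
        uses: slackapi/slack-github-action@<ORIGINAL_REF>
        with:
          webhook: ${{ secrets.SLACK_TEST_WEBHOOK_URL }}
          webhook-type: incoming-webhook
          # The audit output is serialised with toJSON() so that quotes,
          # backslashes and newlines in it cannot break or reshape the payload.
          # It is still rendered as Slack mrkdwn; NOTE(review): confirm that
          # the script's output cannot carry unwanted mention or link markup.
          # The details link points at this workflow run, because the
          # pull_request and head_commit event fields are not populated for
          # schedule or workflow_dispatch triggers.
          payload: |
            {
              "text": "🚨 *Dependency Vulnerabilities Found*",
              "blocks": [
                {
                  "type": "section",
                  "text": {
                    "type": "mrkdwn",
                    "text": ${{ toJSON(format('Actionable vulnerabilities found: {0}', steps.audit_dependencies.outputs.audit_output)) }}
                  }
                },
                {
                  "type": "section",
                  "text": {
                    "type": "mrkdwn",
                    "text": "GitHub Action build result: ${{ job.status }}\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Details>"
                  }
                }
              ]
            }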