Skip to content
Security Scan

Merge pull request #285 from Sendi0011/feature/issue-238-accessibilit… #37

Sign in to view logs

Merge pull request #285 from Sendi0011/feature/issue-238-accessibilit…

Merge pull request #285 from Sendi0011/feature/issue-238-accessibilit… #37

Workflow file for this run

.github/workflows/security-scan.yml at 0ef0d03
name: Security Scan
on:
push:
branches: [main, dev, develop]
pull_request:
branches: [main, dev, develop]
schedule:
- cron: '0 0 * * 1' # Run weekly on Mondays
jobs:
npm-audit:
name: NPM Audit Check
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies
run: npm ci --legacy-peer-deps
- name: Run NPM Audit
run: npm audit --audit-level=high
- name: Advanced Vulnerability Scan (audit-ci)
run: |
npx audit-ci --high --critical --package-manager npm