From 9b29827339413d63dbec132fde2e92d77a3bbaab Mon Sep 17 00:00:00 2001
From: UM100080
Date: Wed, 18 Oct 2023 17:32:22 +0530
Subject: [PATCH 1/4] CI/CD-NPMauditbuild scripts
---
 package.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/package.json b/package.json
index 74a9b3c27b6..10e58922277 100644
--- a/package.json
+++ b/package.json
@@ -78,7 +78,8 @@
 "wdio-lowlight": "terra wdio --themes clinical-lowlight-theme",
 "wdio-fusion": "terra wdio --themes orion-fusion-theme",
 "wdio": "terra wdio --themes terra-default-theme clinical-lowlight-theme orion-fusion-theme",
- "wdio:docker": "terra wdio --disableSeleniumService=true --themes terra-default-theme clinical-lowlight-theme orion-fusion-theme"
+ "wdio:docker": "terra wdio --disableSeleniumService=true --themes terra-default-theme clinical-lowlight-theme orion-fusion-theme",
+ "npm:audit": "npm i --package-lock-only && npm audit --json > audit.json || true && if [ -s audit.json ]; then echo 'NPM audit vulnerabilities found:'; cat audit.json; fi"
 },
 "devDependencies": {
 "@babel/cli": "^7.5.0",
From 70dbe9b9f6a387ee9c7ec8ae12ab20d03b1512cb Mon Sep 17 00:00:00 2001
From: UM100080
Date: Wed, 18 Oct 2023 20:03:00 +0530
Subject: [PATCH 2/4] ci-cd.yml audit jobs
---
 .github/workflows/ci-cd.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 23853ae7dfd..dbba10de7f7 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
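Review bot: The `npm:audit` script added to package.json in [PATCH 1/4] cannot fail and cannot tell a clean dependency tree from a vulnerable one. `npm audit --json` writes a JSON report even when it finds nothing, so `[ -s audit.json ]` is true on every run and 'NPM audit vulnerabilities found:' is printed regardless, while `|| true` discards the non-zero exit status npm audit uses to signal findings. Let the exit status decide instead, for example `"npm:audit": "npm i --package-lock-only && npm audit --audit-level=high"`, with the threshold set to whatever the project wants to enforce. The same command sequence is repeated in the NPM_Audit job that [PATCH 2/4] adds to .github/workflows/ci-cd.yml and has the same problem there.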
@@ -59,7 +59,20 @@ jobs:
 if: matrix.theme == 'fusion'
 - name: Run WDIO Tests for form factor ${{ matrix.form-factor }} and ${{ matrix.theme }}
 run: SITE=build/${{ matrix.theme }} FORM_FACTOR=${{ matrix.form-factor }} npm run wdio-${{ matrix.theme }}
+ NPM_Audit:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ - name: Install dependencies and run npm audit
+ run: |
+ npm i --package-lock-only
+ npm audit --json > audit.json || true
+ if [ -s audit.json ]; then
+ echo 'NPM audit vulnerabilities found:'
+ cat audit.json
+ fi
 release-and-deploy:
 runs-on: ubuntu-latest
From 82fc11d89d872ec04e3450a5186e993e0240ae33 Mon Sep 17 00:00:00 2001
From: UM100080
Date: Thu, 19 Oct 2023 10:46:30 +0530
Subject: [PATCH 3/4] fixing warnings
---
 .github/workflows/ci-cd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index dbba10de7f7..64af52cab5d 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -64,7 +64,7 @@ jobs:
 steps:
 - name: Checkout code
- uses: actions/checkout@v3
+ uses: actions/checkout@v2
 - name: Install dependencies and run npm audit
 run: |
 npm i --package-lock-only
From 9de9488a47c117f03b6c23c2a6524cf6d64b4734 Mon Sep 17 00:00:00 2001
From: UM100080
Date: Wed, 25 Oct 2023 14:07:17 +0530
Subject: [PATCH 4/4] added full-audit
---
 .github/workflows/ci-cd.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 64af52cab5d..05fa9ef990d 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
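Review bot: The NPM_Audit job added in [PATCH 2/4] declares no `permissions:`, so it runs with whatever GITHUB_TOKEN scope the workflow or repository default grants, although it only needs to read the repository; a workflow-level setting may exist outside this hunk. Adding `permissions:` with `contents: read` directly under `runs-on: ubuntu-latest` keeps the token read-only for a job whose whole purpose is to resolve and inspect third-party package metadata. The step also copies the shell from the `npm:audit` script in package.json; `run: npm run npm:audit` would keep the audit logic in one place.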
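Review bot: Moving `uses: actions/checkout@v3` back to `actions/checkout@v2` in [PATCH 3/4] swaps a newer release for one that runs on the Node 12 action runtime, which GitHub has deprecated, so the change is more likely to add runner warnings than to remove them. If the warning being fixed came from a linter or from a version mismatch with other jobs in this workflow (not visible in the hunk), the commit message should say which. For a job that handles dependency data it is also worth pinning the action to a full commit SHA rather than a mutable tag, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`.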
@@ -71,7 +71,10 @@ jobs:
 npm audit --json > audit.json || true
 if [ -s audit.json ]; then
 echo 'NPM audit vulnerabilities found:'
- cat audit.json
+ npm audit --registry=https://registry.npmjs.org --json > audit-full.json
+ cat audit-full.json # Display the contents of audit-full.json
+ else
+ echo 'No NPM audit vulnerabilities found.'
 fi
 release-and-deploy:
 runs-on: ubuntu-latest
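Review bot: The added `npm audit --registry=https://registry.npmjs.org --json > audit-full.json` has no `|| true`, and GitHub runs `run:` scripts with `bash -e` unless the shell is overridden, so when npm audit exits non-zero because it found something the step stops there and `cat audit-full.json` never prints the report. The new `else` branch is also effectively unreachable, because `npm audit --json` writes a report even for a clean tree and `[ -s audit.json ]` is therefore true. Run the audit once, keep its status, print the report, then fail on purpose: `npm audit --registry=https://registry.npmjs.org --json > audit-full.json || status=$?`, `cat audit-full.json`, `exit "${status:-0}"`. The two audit calls also disagree on the registry, so the check and the printed report may not describe the same data. The script's first line, `npm i --package-lock-only`, sits above this hunk.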