Check for Vulnerabilities #2662

Workflow file for this run

.github/workflows/security.yml at c30afa4

	---
	name: Check for Vulnerabilities

	on:
	schedule:
	- cron: "0 1 * * *" # every day at 1 AM
	workflow_dispatch:
	push:

	jobs:
	backend:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./backend
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	- name: Restore npm cache
	uses: actions/cache@v3
	with:
	path: ~/.npm
	key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: ${{ runner.os }}-node-
	- name: Install dependencies
	run: npm ci
	- name: Security
	run: npm audit --production
	frontend:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./frontend
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	- name: Restore npm cache
	uses: actions/cache@v3
	with:
	path: ~/.npm
	key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: ${{ runner.os }}-node-
	- name: Install dependencies
	run: npm ci
	- name: Security
	run: npm audit --production
	docs:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./docs
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	- name: Restore npm cache
	uses: actions/cache@v3
	with:
	path: ~/.npm
	key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: ${{ runner.os }}-node-
	- name: Install dependencies
	run: npm ci
	- name: Security
	run: npm audit --production
	backend_python:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./backend
	steps:
	- uses: actions/checkout@v3
	- name: Set up Python 3.10
	uses: actions/[email protected]
	with:
	python-version: '3.10'
	- uses: actions/cache@v3
	with:
	path: ~/.cache/pip
	key: pip-${{ hashFiles('**/requirements.txt') }}
	restore-keys: pip-
	- run: pip install safety
	- run: \|
	safety check -r worker/requirements.txt \
	--policy-file ./worker/.safety-policy.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check for Vulnerabilities #2662

Workflow file

Check for Vulnerabilities #2662

Jobs

Run details

Workflow file for this run