Skip to content

test PR

test PR #23

name: CVE Scanning for Node.js
on:
schedule:
- cron: '0 8,18 * * 1-5'
pull_request:
paths:
- 'package.json'
- 'package-lock.json'
- 'allow-list.json'
- '.github/workflows/cve-scanning-node.yml'
jobs:
scan:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- run: npm ci --prod
- run: npx --yes auditjs ossi --whitelist allow-list.json