use npm install instead of ci

finos · Dec 14, 2022 · 0c5841b · 0c5841b
1 parent 6b2abe7
commit 0c5841b
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/.github/workflows/cve-scanning-node.yml b/.github/workflows/cve-scanning-node.yml
@@ -20,5 +20,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: ${{ matrix.node-version }}
-      - run: npm ci --prod
+      - run: npm config set package-lock false
+      # TODO - this is ignoring package-lock.json
+      - run: npm install --prod
       - run: npx --yes auditjs ossi --whitelist allow-list.json