From 55534e2bfbc5b9148f35f25a16b5cb2992fa5bbf Mon Sep 17 00:00:00 2001
From: Nathan Smith
Date: Wed, 9 Aug 2023 09:50:27 +0000
Subject: [PATCH] Add dependency check task to test.yml
---
 .github/workflows/test.yml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 50a70b8..05dd9f6 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -16,3 +16,20 @@ jobs:
 - run: npm ci
 - run: npm run lint
 - run: npm test
+ - name: Depcheck
+ uses: dependency-check/Dependency-Check_Action@main
+ id: Depcheck
+ with:
+ project: 'user-feedback-store'
+ path: '.'
+ format: 'HTML'
+ out: 'reports'
+ args: >
+ --failOnCVSS 7
+ --nodePackageSkipDevDependencies
+ --nodeAuditSkipDevDependencies
+ - name: Upload OWAPS results
+ uses: actions/upload-artifact@master
+ with:
+ name: Depcheck report
+ path: ${{github.workspace}}/reports
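Review bot: The `Upload OWAPS results` step has no `if:` condition, so when `--failOnCVSS 7` fails the Depcheck step the upload is skipped and the HTML report is missing for exactly the runs that have findings; add `if: always()` to the upload step. Both new `uses:` lines track mutable branches (`@main`, `@master`), so whatever lands on those branches runs in this job against the checkout; pin each to a reviewed full commit SHA, e.g. `uses: actions/upload-artifact@<full-commit-sha>`, and likewise for the Depcheck action. The step name also misspells OWASP. The job definition begins above the hunk, so its triggers and permissions are not visible here.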