Skip to content

DEVEXP-183: Run yarn audit during CI build #13

DEVEXP-183: Run yarn audit during CI build

DEVEXP-183: Run yarn audit during CI build #13

Workflow file for this run

name: Security Audit
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
audit:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install jq
run: sudo apt-get update && sudo apt-get install jq
- name: Run security audit
run: |
yarn install --frozen-lockfile
yarn audit --json > audit-report.txt
continue-on-error: true
- name: Validate audit report
run: .github/scripts/validate-audit-report.sh