Skip to content

Merge pull request #791 from myrotvorets/dependabot/npm_and_yarn/mult… #1255

Merge pull request #791 from myrotvorets/dependabot/npm_and_yarn/mult…

Merge pull request #791 from myrotvorets/dependabot/npm_and_yarn/mult… #1255

Workflow file for this run

name: Package Audit
on:
push:
branches:
- '**'
paths:
- package.json
- package-lock.json
- .github/workflows/package-audit.yml
workflow_dispatch:
permissions:
contents: read
jobs:
audit-npm:
name: NPM Audit
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
allowed-endpoints:
api.github.com:443
github.com:443
objects.githubusercontent.com:443
nodejs.org:443
registry.npmjs.org:443
- name: Audit with NPM
uses: myrotvorets/composite-actions/node-package-audit@931ae3fec4810f7d263d28f6cf12159080b76208