Skip to content

Running an Audit Scan with NPM #23

Running an Audit Scan with NPM

Running an Audit Scan with NPM #23

Workflow file for this run

name: NPM Audit Scan for Vulnerabilities
run-name: Running an Audit Scan with NPM
on: push
jobs:
npm-audit-scan-job:
name: NPM Audit Scan for Vulnerabilities
if: github.repository != 'mycloudnexus/cc-api-sandbox'
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: "20.x"
cache: "yarn"
- name: Install Dependencies
run: yarn install
- name: NPM Audit Scan and Generate Report in JSON Format
run: yarn npm audit --json > npm-audit-results.json
continue-on-error: true
- name: Upload NPM Audit Scan Report to GitHub
uses: actions/upload-artifact@v4
with:
name: npm-audit-results
path: npm-audit-results.json