Skip to content

fix: critical security vulnerabilities #70

fix: critical security vulnerabilities

fix: critical security vulnerabilities #70

Workflow file for this run

name: CI
on:
pull_request:
push:
branches:
- main
- 'v*'
env:
node_version: "16.x"
jobs:
build: # make sure build/ci work properly
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.node_version }}
cache: yarn
- name: yarn install
run: yarn install
- name: yarn build
run: yarn build
- name: yarn run pack
run: yarn run pack
audit:
name: Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.node_version }}
cache: yarn
- name: yarn audit
run: yarn audit --level critical [[ $? -ge 16 ]] && exit 1 || exit 0 # this last part is needed because yarn audit returns a non-0 code if any vulnerabilities are found
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.node_version }}
cache: yarn
- name: yarn install
run: yarn install
- name: yarn lint
run: yarn run lint
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.node_version }}
- name: yarn install
run: yarn install
- name: yarn test
run: yarn test