fix(security #17): add npm audit to CI pipeline and package scripts
Some checks failed
Build and Push Docker Image / build (push) Successful in 32s
CI / npm audit (push) Failing after 2m20s

Added .gitea/workflows/ci.yml which runs 'npm audit --audit-level=moderate'
on every push and PR. Fails the build on any moderate or higher severity
finding.

Also added 'npm run audit' and 'npm run audit:fix' convenience scripts
to package.json for local use.
2026-05-16 16:27:33 +01:00
parent 44cff5bf41
commit 14de5e4644
2 changed files with 29 additions and 1 deletions


@@ -6,7 +6,9 @@
"scripts": {
"dev": "nodemon server/index.js",
"start": "node server/index.js",
"install:all": "npm install"
"install:all": "npm install",
"audit": "npm audit --audit-level=moderate",
"audit:fix": "npm audit fix"
},
"dependencies": {
"axios": "^1.6.0",