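# dev-dep-audit: dependency advisory gate for pull requests targeting `dev`.
# Installs from the committed lockfile, then runs `bun audit`; the job fails
# if any step exits non-zero.
name: dev-dep-audit

on:
  pull_request:
    branches: [dev]

# One active run per pull request: a newer push cancels the run in progress.
# Falls back to the ref when no pull request number is available.
concurrency:
  group: dev-dep-audit-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

# Least privilege: the workflow token can only read repository contents.
permissions:
  contents: read

jobs:
  dev-dep-audit:
    runs-on: ubuntu-latest
    # Bound the run so a hung install or registry call cannot hold a runner.
    timeout-minutes: 10
    steps:
      # Actions are pinned to full commit SHAs rather than mutable tags. The
      # trailing comment names the tag the pin is meant to correspond to;
      # re-check that mapping whenever a pin is bumped.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # actions/checkout@v6
        with:
          # Keep the token out of the checked-out repo's git config so later
          # steps (install, audit) cannot read it from the workspace.
          persist-credentials: false
      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # actions/setup-node@v6.4.0
        with:
          # Quoted so the version stays a string.
          node-version: "24"
      - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # oven-sh/setup-bun@v2
        with:
          # Load-bearing for `bun audit` exit semantics; do not bump without re-verifying advisory exit codes.
          bun-version: "1.3.14"
      - name: Install dependencies
        # --frozen-lockfile: fail instead of rewriting the lockfile, so the
        #   audit sees exactly the dependency set committed in the PR.
        # --ignore-scripts: skip package lifecycle scripts. The audit needs
        #   only the resolved dependency set, so scripts supplied by the pull
        #   request do not need to execute on the runner.
        run: bun install --frozen-lockfile --ignore-scripts
      - name: Run Bun audit
        # Severity threshold is `high`. Lower-severity advisories do not gate
        # this check and need a separate review path if they matter.
        run: bun audit --audit-level=high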