From bc1a079503ffa1592fd434face6f51db101ce596 Mon Sep 17 00:00:00 2001
From: Nikolai Gotzmann <self@ngotzmann.net>
Date: Sun, 11 Feb 2024 11:52:11 +0100
Subject: [PATCH] KI-frontend update

* Add better npm audit to pipeline
* pipeline will fail if vulneralabity is found higher then moderate
---
 .drone.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/.drone.yml b/.drone.yml
index c008511..9531e0b 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -22,6 +22,26 @@ steps:
       - npm ci
       - npm run lint
 
+---
+
+kind: pipeline
+type: docker
+name: audit
+
+trigger:
+  event:
+    - push
+    - pull_request
+  branch:
+    - main
+
+steps:
+  - name: audit
+    image: node:20
+    commands:
+      - npm install -g better-npm-audit
+      - better-npm-audit audit --production --level=moderate
+
 ---
 kind: pipeline
 type: docker