From bc1a079503ffa1592fd434face6f51db101ce596 Mon Sep 17 00:00:00 2001 From: Nikolai Gotzmann Date: Sun, 11 Feb 2024 11:52:11 +0100 Subject: [PATCH] KI-frontend update * Add better npm audit to pipeline * pipeline will fail if vulneralabity is found higher then moderate --- .drone.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.drone.yml b/.drone.yml index c008511..9531e0b 100644 --- a/.drone.yml +++ b/.drone.yml @@ -22,6 +22,26 @@ steps: - npm ci - npm run lint +--- + +kind: pipeline +type: docker +name: audit + +trigger: + event: + - push + - pull_request + branch: + - main + +steps: + - name: audit + image: node:20 + commands: + - npm install -g better-npm-audit + - better-npm-audit audit --production --level=moderate + --- kind: pipeline type: docker