ci: separate npm audit job (#705)

Co-authored-by: Rein Schaap <rein@specs.nl>
minvws · Nov 11, 2024 · 4e1d97e · 4e1d97e
1 parent 3d4553a
commit 4e1d97e
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 4 deletions.
diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml
@@ -3,9 +3,11 @@ description: "Setup Node.js and pnpm and install dependencies"
 
 inputs:
   registry-url:
-    required: false
     description: "Registry URL to setup up for auth. Passed on to actions/setup-node."
     default: ""
+  audit-level:
+    description: "npm audit-level <info|low|moderate|high|critical|none>"
+    default: "high"
 
 runs:
   using: "composite"
@@ -34,7 +36,7 @@ runs:
 
     - name: Audit dependencies
       shell: bash
-      run: pnpm audit
+      run: pnpm audit --audit-level=${{ inputs.audit-level }}
 
     - name: Install dependencies
       shell: bash

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -7,6 +7,15 @@ on:
     branches: [main, 'release/**']
 
 jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Audit dependencies
+        uses: ./.github/actions/setup
+        with:
+          audit-level: moderate
+
   lint:
     runs-on: ubuntu-latest
     steps:
@@ -28,13 +37,13 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/setup
-      - name: Check formatting
+      - name: Run svelte-check on docs
         run: pnpm run --dir docs check
 
   build-docs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/setup
-      - name: Build Docs
+      - name: Build docs
         run: pnpm run build