chore(deps): lock file maintenance #182

	name: Package Audit

	on:
	push:
	branches:
	- '**'
	paths:
	- package.json
	- package-lock.json
	- .github/workflows/package-audit.yml
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	audit-npm:
	name: NPM Audit
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Setup Node.js environment
	uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
	with:
	node-version: lts/*

	- name: Run audit
	run: npm audit --omit=dev

	provenance:
	name: Verify signatures and provenance statements
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: read
	steps:
	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Setup Node.js environment
	uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
	with:
	node-version: lts/*
	registry-url: https://npm.pkg.github.com
	cache: npm

	- name: Install dependencies
	run: npm ci --ignore-scripts
	env:
	NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Update npm
	run: npm i -g npm

	- name: Run audit
	run: npm audit signatures
	env:
	NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback