| name: Security Audit | |
| on: | |
| pull_request: | |
| branches: | |
| - '*' | |
| push: | |
| branches: | |
| - main | |
| - master | |
| schedule: | |
| # Run weekly on Mondays at 9 AM UTC | |
| - cron: '0 9 * * 1' | |
| jobs: | |
| audit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup project | |
| uses: ./.github/actions/setup-project | |
| with: | |
| check-lockfile: 'true' | |
| - name: Run npm audit | |
| run: npm audit --audit-level=critical | |
| continue-on-error: false | |