Hartmut
a1f7abc850
CI / Architecture Guardrails (push) Successful in 3m52s
CI / Typecheck (push) Successful in 5m4s
CI / Lint (push) Successful in 4m51s
CI / Assistant Split Regression (push) Successful in 6m20s
CI / Unit Tests (push) Successful in 7m2s
CI / Build (push) Successful in 6m50s
CI / E2E Tests (push) Successful in 6m55s
CI / Fresh-Linux Docker Deploy (push) Successful in 7m34s
CI / Release Images (push) Failing after 45s
act_runner v0.3.1 occasionally cleans the action checkout dir between
the main and post step; v4.0.4's post step then errors on the missing
.gitignore ("remove ... .gitignore: no such file") and fails the job.
Floating to v4 picks up the more defensive cleanup in v4.1+.
34 lines
638 B
YAML
34 lines
638 B
YAML
name: Nightly Security
|
|
|
|
on:
|
|
schedule:
|
|
- cron: "17 2 * * *"
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
env:
|
|
NODE_VERSION: "20"
|
|
PNPM_VERSION: "9.14.2"
|
|
|
|
jobs:
|
|
dependency-audit:
|
|
name: Dependency Audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Install pnpm
|
|
run: npm install -g pnpm@${{ env.PNPM_VERSION }}
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: ${{ env.NODE_VERSION }}
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Run dependency audit
|
|
run: pnpm audit --audit-level=high
|