Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ci: add dependency audit step and CODEOWNERS

Browse Source 
- Add pnpm audit --audit-level=high to CI guardrails job so vulnerable
  packages are caught before merge, not just in nightly scans
- Add CODEOWNERS for review routing on infra, schema, and auth changes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Hartmut Nörenberg
2026-04-11 08:31:45 +02:00
parent 85e1bcc06f
commit 9c537b027b
2 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/ci.yml
+3
View File
@@ -46,6 +46,9 @@ jobs:
- name: Check workspace imports
run: pnpm check:imports
- name: Security audit (high+ severity)
run: pnpm audit --audit-level=high
# ──────────────────────────────────────────────
# Typecheck — ~40s, no services needed
# ──────────────────────────────────────────────