Skip to content

chore(deps-dev): bump ws from 8.16.0 to 8.17.1 in the npm_and_yarn group #27

chore(deps-dev): bump ws from 8.16.0 to 8.17.1 in the npm_and_yarn group

chore(deps-dev): bump ws from 8.16.0 to 8.17.1 in the npm_and_yarn group #27

Workflow file for this run

name: Security Checks
on:
pull_request:
types: [opened, synchronize, reopened]
permissions:
contents: read
pull-requests: write
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
rule_check:
runs-on: ubuntu-latest
continue-on-error: true
steps:
- uses: actions/checkout@v4
- name: Run Report
id: report
uses: bearer/bearer-action@v2
with:
format: rdjson
output: rd.json
diff: true
- uses: reviewdog/action-setup@v1
with:
reviewdog_version: latest
- name: Run reviewdog
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
cat rd.json | reviewdog -f=rdjson -reporter=github-pr-review
sbom:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Create SBOM
uses: anchore/sbom-action@v0
with:
output-file: "${{ github.event.repository.name }}-sbom.spdx.json"
- name: Scan SBOM
uses: anchore/scan-action@v3
with:
sbom: "${{ github.event.repository.name }}-sbom.spdx.json"
fail-build: true
severity-cutoff: critical