npm-audit-action
npm-audit-action copied to clipboard
oke-py
GitHub Action to run `npm audit`
If npm audit returns non-zero status code, Action should run `npm audit fix` and open a Pull Request.
I'd like to update strip-ansi to 7.0.0. [email protected] is pure ESM, and so the way using the module has changed. ## reproduce Edit the package.json as below. ```diff diff --git...
**What would you like to be added**: Update package version. ``` npm version major|minor|patch ``` Update `dist/index.js`. ``` npm run all ``` Update README and `.github/workflows/daily.yml` to use the latest...
**What would you like to be added**: I'd like the README to include information regarding what level of access the PAT needs to include. **Why is this needed**: So users...
**What would you like to be added**: The option `dedupe_issues` should edit the comment if it already exists and not create a new comment on the same issue **Why is...
**What would you like to be added**: **Why is this needed**: [email protected] is outdated.
**What happened**: Getting a 422 status code error when dev dependencies are found to have vulnerabilities (see screenshot below) and comment on PR does not get created. 
**What would you like to be added**: Action triggered by PR creates a comment if `npm audit` found vulnerabilities. When additional commit resolves the problem, the comment should be removed....
**What would you like to be added**: Add the name of the actual working directory to the report. **Why is this needed**: I configured the action 3 times for 3...
**What would you like to be added**: It would be great to provide a wildcard pattern and an array of working directories to the `working_directory` input. Then the auditing would...