maziggy 3 meses atrás
pai
commit
802bfe330a
1 arquivos alterados com 3 adições e 3 exclusões
  1. 3 3
      .github/workflows/ci.yml

+ 3 - 3
.github/workflows/ci.yml

@@ -152,9 +152,9 @@ jobs:
       - name: Run npm audit
         working-directory: frontend
         run: |
-          # Only fail on fixable high/critical vulnerabilities.
-          # Unfixable issues (e.g. npm's bundled tar) are tracked via security.yml.
-          npm audit --json > /tmp/audit.json 2>/dev/null || true
+          # Only audit production dependencies — dev dependency vulnerabilities
+          # don't affect end users. Detailed audits are handled by security.yml.
+          npm audit --omit=dev --json > /tmp/audit.json 2>/dev/null || true
           python3 -c "
           import json, sys
           data = json.load(open('/tmp/audit.json'))
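Review bot: The new comment on the `--omit=dev` line overstates the case: dev dependencies may not ship to end users, but they execute inside this workflow (build tooling, bundlers, install scripts) with the runner's credentials, so a compromised dev dependency is a build-pipeline risk rather than pure noise. Suggest rewording to `# Only gate on production dependencies here; dev-only advisories still matter for CI and are audited in security.yml.`, and confirming that security.yml really does audit the full tree without `--omit=dev`, since that file is not visible from this hunk. The retained `2>/dev/null || true` also hides an audit that fails outright (registry error, unsupported flag on an older npm), leaving `/tmp/audit.json` empty or absent for the `json.load` below; capturing the exit status, e.g. `npm audit --omit=dev --json > /tmp/audit.json 2>/tmp/audit.err; status=$?`, and printing `audit.err` on an unexpected status would make that distinguishable from "vulnerabilities found". The `run:` block and its embedded python3 script continue past the end of the hunk.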