Skip to content

Update dependency classnames to v2.5.1 #2945

Update dependency classnames to v2.5.1

Update dependency classnames to v2.5.1 #2945

name: CVE Scanning for Node.js
on:
push:
paths:
- 'package.json'
- 'package-lock.json'
- 'allow-list.json'
- '.github/workflows/cve-scanning-node.yml'
jobs:
scan:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v3
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- run: npm config set package-lock false
# TODO - this is ignoring package-lock.json
- run: npm install --prod --ignore-scripts
- run: npx --yes auditjs ossi --whitelist allow-list.json