Skip to content
CVE Scanning for Node.js

Add Spectral rules to validate that interfaces are defined on the specific node referenced (169) #1357

Sign in to view logs

Add Spectral rules to validate that interfaces are defined on the specific node referenced (169)

Add Spectral rules to validate that interfaces are defined on the specific node referenced (169) #1357

Workflow file for this run

.github/workflows/cve-scanning-node.yml at 4f574d9
name: CVE Scanning for Node.js
on:
workflow_dispatch:
schedule:
- cron: '0 8,18 * * 1-5'
push:
paths:
- '**/package.json'
- '**/package-lock.json'
- '.github/workflows/node-cve-ignore-list.xml'
- '.github/workflows/cve-scanning-node.yml'
pull_request:
paths:
- '**/package.json'
- '**/package-lock.json'
- '.github/workflows/node-cve-ignore-list.xml'
- '.github/workflows/cve-scanning-node.yml'
jobs:
node-modules-scan:
name: ${{ matrix.module-folder }}-node-scan
runs-on: ubuntu-latest
continue-on-error: false
strategy:
matrix:
module-folder: ['cli', 'docs', 'shared']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Build project with NPM
run: npm install --omit=dev
working-directory: ${{ matrix.module-folder }}
- name: Depcheck
uses: dependency-check/Dependency-Check_Action@main
id: Depcheck
with:
project: '${{ matrix.module-folder }}'
path: '${{ matrix.module-folder }}'
format: 'HTML'
out: '${{ matrix.module-folder }}-reports'
args: >
--suppression .github/node-cve-ignore-list.xml
--nodeAuditSkipDevDependencies
--nodePackageSkipDevDependencies
--failOnCVSS 5
--enableRetired
- run: |
echo `echo UPNAME=${{matrix.module-folder}} | tr '/' '-'` >> $GITHUB_ENV
shell: bash
- name: Upload Test results
if: ${{ always() }}
uses: actions/upload-artifact@v4
with:
name: Depcheck report ${{ env.UPNAME }}
path: ${{ github.workspace }}/${{ matrix.module-folder }}-reports