Skip to content

Upgrade browserify-sign to 4.2.2 to address CVE. #903

Upgrade browserify-sign to 4.2.2 to address CVE.

Upgrade browserify-sign to 4.2.2 to address CVE. #903

Workflow file for this run

name: Common CI
on:
pull_request:
branches: [ main ]
jobs:
audit:
name: Audit ${{ matrix.project }}
runs-on: ubuntu-latest
strategy:
matrix:
project: [apollo, athena, stitch]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: 18.x
- name: Audit NPM
run: npm audit --production
working-directory: ./packages/${{ matrix.project }}
continue-on-error: true
detect-secrets:
name: Detect Secrets
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
with:
python-version: 3.11
- uses: actions/setup-node@v2
with:
node-version: 18.x
- name: Install detect-secrets
run: pip install --upgrade git+https://github.com/ibm/[email protected]+ibm.59.dss#egg=detect-secrets
- name: Install Lerna
run: npm install -g lerna
- name: Run detect-secrets
run: lerna run detect-secrets --stream
continue-on-error: true