diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..cb71aee4 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + groups: + npm_and_yarn: + patterns: + - "*" + open-pull-requests-limit: 5 + labels: + - "dependencies" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f60144a4..7768358f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,6 +25,9 @@ jobs: - name: build run: make + - name: audit + run: npm audit --audit-level=high + - name: fail if files changed run: | if ! git diff --quiet --exit-code ; then