Skip to content

[Security & ops] Add npm audit / dependency vulnerability check to CI #77

Description

@chillwur

Description

Catch known-vulnerable dependencies before they reach main, especially important given this service handles custodial private keys.

Deliverables

  • CI step running npm audit --audit-level=high (or equivalent) and failing the build on high/critical findings

Depends on

None

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions