(build) Add yarn npm audit workflows

This adds a workflow to run `yarn npm audit` on every pull request to ensure we do not introduce security vulnerabilities.
chocolatey · Apr 30, 2024 · fb32458 · fb32458
1 parent 6d9f752
commit fb32458
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
@@ -0,0 +1,14 @@
+name: yarn npm audit
+on: [pull_request]
+jobs:
+  yarn-npm-audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - run: yarn install --immutable
+      - name: Run yarn npm audit
+        run: yarn npm audit --severity moderate
+        continue-on-error: false