pezkuwichain/pwap
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pwap.git synced 2026-04-22 02:07:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce security audit - remove continue-on-error

Browse Source
This commit is contained in:
Kurdistan Tech Ministry
2026-02-23 10:19:49 +03:00
parent bc03bd87a1
commit 7183e659c6
1 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/quality-gate.yml
+6 -9
View File
@@ -169,7 +169,7 @@ jobs:
echo "✅ Deployed web app v${{ env.NEW_VERSION }} to app.pezkuwichain.io"
# ========================================
# SECURITY CHECKS (INFORMATIVE)
# SECURITY CHECKS (BLOCKING)
# ========================================
security-audit:
name: Security Audit
@@ -185,22 +185,19 @@ jobs:
with:
node-version: '20'
- name: Web - npm audit
- name: Web - npm audit (critical only)
working-directory: ./web
continue-on-error: true
run: |
npm install
npm audit --audit-level=high
npm audit --audit-level=critical
- name: Mobile - npm audit
- name: Mobile - npm audit (critical only)
working-directory: ./mobile
continue-on-error: true
run: |
npm install
npm audit --audit-level=high
npm install --legacy-peer-deps
npm audit --audit-level=critical --production
- name: TruffleHog Secret Scan
continue-on-error: true
uses: trufflesecurity/trufflehog@main
with:
path: ./