pezkuwichain/pwap
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pwap.git synced 2026-06-14 10:11:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce security audit - remove continue-on-error

Browse Source
This commit is contained in:
Kurdistan Tech Ministry
2026-02-23 10:19:49 +03:00
parent bc03bd87a1
commit 7183e659c6
1 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/quality-gate.yml
+6 -9
View File
@@ -169,7 +169,7 @@ jobs:
echo "✅ Deployed web app v${{ env.NEW_VERSION }} to app.pezkuwichain.io" echo "✅ Deployed web app v${{ env.NEW_VERSION }} to app.pezkuwichain.io"
# ======================================== # ========================================
# SECURITY CHECKS (INFORMATIVE) # SECURITY CHECKS (BLOCKING)
# ======================================== # ========================================
security-audit: security-audit:
name: Security Audit name: Security Audit
@@ -185,22 +185,19 @@ jobs:
with: with:
node-version: '20' node-version: '20'
- name: Web - npm audit - name: Web - npm audit (critical only)
working-directory: ./web working-directory: ./web
continue-on-error: true
run: | run: |
npm install npm install
npm audit --audit-level=high npm audit --audit-level=critical
- name: Mobile - npm audit - name: Mobile - npm audit (critical only)
working-directory: ./mobile working-directory: ./mobile
continue-on-error: true
run: | run: |
npm install npm install --legacy-peer-deps
npm audit --audit-level=high npm audit --audit-level=critical --production
- name: TruffleHog Secret Scan - name: TruffleHog Secret Scan
continue-on-error: true
uses: trufflesecurity/trufflehog@main uses: trufflesecurity/trufflehog@main
with: with:
path: ./ path: ./