mirror of
https://github.com/strapi/strapi.git
synced 2026-05-03 16:22:30 +00:00
Ben Irvin
41844c2867
Co-authored-by: christiancp100 <christian.capeans.perez@strapi.io> Co-authored-by: Alexandre BODIN <alexandrebodin@users.noreply.github.com> Co-authored-by: Jean-Sébastien Herbaux <Convly@users.noreply.github.com> Co-authored-by: Jean-Sébastien Herbaux <jean-sebastien.herbaux@epitech.eu> Co-authored-by: Ben Irvin <ben@innerdvations.com> Co-authored-by: Ben Irvin <innerdvations@users.noreply.github.com> Co-authored-by: Christian <christiancp100@gmail.com> Co-authored-by: Bassel Kanso <basselkanso82@gmail.com> Co-authored-by: Marco Autiero <marcoautiero@gmail.com> Co-authored-by: Convly <jean-sebastien.herbaux@epitech.eu> Co-authored-by: christiancp100 <christian.capeans.perez@strapi.io> Co-authored-by: Christian Capeans <christiancp100@gmail.com> Co-authored-by: Bassel <basselkanso82@gmail.com>
30 lines
896 B
YAML
30 lines
896 B
YAML
name: 'Analyze lockfile dependencies'
|
|
description: 'Parse dependencies from the yarn lockfile and run security tests on them'
|
|
inputs:
|
|
path:
|
|
description: 'Path to the yarn lockfile'
|
|
required: false
|
|
default: 'yarn.lock'
|
|
type:
|
|
description: 'Lockfile type, either yarn or npm'
|
|
default: 'yarn'
|
|
required: false
|
|
allowedHosts:
|
|
description: 'Allowed hosts for packages resolution'
|
|
required: false
|
|
default: 'https://registry.yarnpkg.com'
|
|
allowedURLs:
|
|
description: 'Allowed URLs to enable certain specific resources'
|
|
required: false
|
|
default: ''
|
|
runs:
|
|
using: 'composite'
|
|
steps:
|
|
- run: $GITHUB_ACTION_PATH/script.sh
|
|
env:
|
|
LOCKFILE_PATH: ${{ inputs.path }}
|
|
LOCKFILE_TYPE: ${{ inputs.type }}
|
|
LOCKFILE_ALLOWED_HOSTS: ${{ inputs.allowedHosts }}
|
|
LOCKFILE_ALLOWED_URLS: ${{ inputs.allowedURLs }}
|
|
shell: bash
|