Add dependency audit step to CI and update package dependencies.
@ -1,4 +1,63 @@
|
||||
steps:
|
||||
audit_dependencies:
|
||||
image: node:20
|
||||
environment:
|
||||
DISCORD_WEBHOOK:
|
||||
from_secret: discord_webhook
|
||||
commands:
|
||||
- npm install --package-lock-only
|
||||
- npm audit --audit-level=moderate || AUDIT_EXIT=$?
|
||||
- |
|
||||
if [ ! -z "$AUDIT_EXIT" ]; then
|
||||
echo ""
|
||||
echo "=========================================="
|
||||
echo "⚠️ WARNING: npm audit found vulnerabilities!"
|
||||
echo "⚠️ Please review the security issues above"
|
||||
echo "⚠️ Build continues despite vulnerabilities"
|
||||
echo "=========================================="
|
||||
echo ""
|
||||
|
||||
# Discord Benachrichtigung senden
|
||||
if [ ! -z "$DISCORD_WEBHOOK" ]; then
|
||||
curl -H "Content-Type: application/json" \
|
||||
-d "{
|
||||
\"embeds\": [{
|
||||
\"title\": \"⚠️ npm audit Warnung\",
|
||||
\"description\": \"Es wurden Sicherheitslücken in den Dependencies gefunden!\",
|
||||
\"color\": 16744448,
|
||||
\"fields\": [
|
||||
{
|
||||
\"name\": \"Repository\",
|
||||
\"value\": \"Gallus_Pub\",
|
||||
\"inline\": true
|
||||
},
|
||||
{
|
||||
\"name\": \"Branch\",
|
||||
\"value\": \"${CI_COMMIT_BRANCH}\",
|
||||
\"inline\": true
|
||||
},
|
||||
{
|
||||
\"name\": \"Commit\",
|
||||
\"value\": \"${CI_COMMIT_SHA:0:7}\",
|
||||
\"inline\": true
|
||||
}
|
||||
],
|
||||
\"footer\": {
|
||||
\"text\": \"Build läuft trotzdem durch\"
|
||||
},
|
||||
\"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%S.000Z)\"
|
||||
}]
|
||||
}" \
|
||||
"$DISCORD_WEBHOOK"
|
||||
fi
|
||||
else
|
||||
echo "✓ No vulnerabilities found"
|
||||
fi
|
||||
- exit 0
|
||||
when:
|
||||
branch: main
|
||||
event: push
|
||||
|
||||
deploy_frontend:
|
||||
image: node:20
|
||||
environment:
|
||||
|
||||
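Review bot: The audit step is restricted to `event: push` on `branch: main` (the `when:` block near the end of the hunk) and always finishes with `exit 0`, so a dependency with a moderate-or-higher advisory is reported only after it has already landed on main and never fails a pipeline. If the goal is early visibility, widen the filter to `event: [push, pull_request]` so pull requests are audited before merge (the `when:`/`from_secret` syntax looks like Woodpecker/Drone, where that value is accepted); once the current findings are triaged, propagating `AUDIT_EXIT` instead of the unconditional `exit 0` would turn the step into a real gate. Be aware that with a wider branch filter `${CI_COMMIT_BRANCH}` is interpolated verbatim into the hand-built JSON body (`\"value\": \"${CI_COMMIT_BRANCH}\",`), so a branch name containing `"` or `\` would yield an invalid webhook payload; escaping it or producing the payload with a JSON-aware tool would be needed at that point. The `environment:` mapping on the last lines belongs to `deploy_frontend`, whose body continues outside the hunk.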
1092
package-lock.json
generated
1092
package-lock.json
generated