quinn-dougherty
commented
3 years ago Talked to isaac -- the nix fellas are gonna enforce npm audit when the nix expression gets written, we don't need it in a github job right now.
Closed quinn-dougherty closed 3 years ago
quinn-dougherty
commented
3 years ago Talked to isaac -- the nix fellas are gonna enforce npm audit when the nix expression gets written, we don't need it in a github job right now.
CI will run
npm auditonpackage.jsonfiles and fail if it raises any warnings. I can set it up to open up issues for each warning, but I got 89 vulnerabilities (!) when I ran it locally onfrontend-landingso be warned.