Open cb7chaitanya opened 3 weeks ago
Can i work on this ?
Sure, go ahead Assigned @Prakash-Raut
We currently have a mechanism in place to check for outdated dependencies via npm outdated and notify the team if updates are available (implemented in trivy.yml). While this is useful, it requires manual intervention to update dependencies. To streamline the process and reduce human intervention, we need to enhance the current workflow to automatically create a pull request (PR) when new versions of dependencies are available.
@Prakash-Raut
Any update @Prakash-Raut
Set up a CI workflow that runs npm audit on every pull request to identify vulnerabilities in dependencies and ensure secure libraries are being used.