Merge pull request #6560 from mempool/dependabot/npm_and_yarn/fronten… #67

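# Supply-chain audit workflow: for the backend and frontend npm projects it
# runs the repository's install-script check, then the repository's
# "safe install" wrapper. What those scripts enforce is defined in
# */meta/scripts/ and is not visible from this file.
name: Supply Chain Audit

on:
  # `pull_request` (not `pull_request_target`): runs for PRs from forks get a
  # read-only token and no repository secrets, which is the right trigger for
  # a job that installs dependencies from unreviewed changes.
  # NOTE(review): `reopened` is not listed, so reopening a PR does not re-run
  # the audit until a new commit is pushed.
  pull_request:
    types: [opened, synchronize]
  push:
    branches:
      - master

# Least privilege: the workflow token can only read repository contents.
permissions:
  contents: read

jobs:
  backend:
    # Always runs on pushes to master. On pull requests it is skipped when the
    # PR carries the 'ops' label or the head branch name contains 'ops/'.
    # NOTE(review): the head branch name is chosen by the PR author, and a
    # skipped job does not report a failure. If this audit is meant to gate
    # merges, consider keeping only the label-based exemption (labels require
    # repository triage rights) - confirm with maintainers.
    if: "(github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'ops') && !contains(github.head_ref, 'ops/')) || github.event_name == 'push'"
    # Custom runner label. NOTE(review): if this maps to self-hosted runners,
    # confirm they are ephemeral, since these jobs install dependencies
    # declared by pull requests.
    runs-on: mempool-ci
    name: Backend install-script audit
    steps:
      - name: Checkout
        # Pinned to a full commit SHA so a moved tag cannot change the code.
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
        with:
          # Do not leave the workflow token in .git/config: later steps run
          # package installs in this workspace and none of the visible steps
          # needs authenticated git access.
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
        with:
          # Quoted so the version stays a string.
          node-version: "24.13.0"
          registry-url: "https://registry.npmjs.org"
      # Exact npm version, so the audit behaves the same on every run.
      - name: Install npm 11.12.0
        run: npm install -g npm@11.12.0
      # The check runs before the install step below.
      - name: Audit backend install scripts
        run: bash backend/meta/scripts/check-install-scripts.sh
      - name: Run backend safe install
        run: bash backend/meta/scripts/safe-install.sh

  frontend:
    # Same gating as the backend job; the NOTE(review) on the author-chosen
    # branch name applies here as well.
    if: "(github.event_name == 'pull_request' && !contains(github.event.pull_request.labels.*.name, 'ops') && !contains(github.head_ref, 'ops/')) || github.event_name == 'push'"
    runs-on: mempool-ci
    name: Frontend install-script audit
    steps:
      - name: Checkout
        # Pinned to a full commit SHA so a moved tag cannot change the code.
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3
        with:
          # Keep the workflow token out of .git/config before package
          # installs run in this workspace.
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
        with:
          node-version: "24.13.0"
          registry-url: "https://registry.npmjs.org"
      - name: Install npm 11.12.0
        run: npm install -g npm@11.12.0
      # The check runs before the install step below.
      - name: Audit frontend install scripts
        run: bash frontend/meta/scripts/check-install-scripts.sh
      - name: Run frontend safe install
        run: bash frontend/meta/scripts/safe-install.sh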