privilegedescalation/org
Archived
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

chore(ci): add audit-ci config path for allowlist support

Browse Source 
Add --config ./audit-ci.jsonc to audit-ci step so plugin repos can
provide their own allowlist for inherited @kinvolk/headlamp-plugin
dev-dependency CVEs (CTO decision PRI-854).

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Chris Farhood
2026-05-06 13:16:51 +00:00
committed by Hugh Hackman [agent]
parent ac34b836b9
commit 7f027c6ec2
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/plugin-ci.yaml
+2 -2
View File
@@ -173,7 +173,7 @@ jobs:
- name: Security audit - name: Security audit
run: | run: |
if [ "${{ steps.pkg-manager.outputs.manager }}" = "pnpm" ]; then if [ "${{ steps.pkg-manager.outputs.manager }}" = "pnpm" ]; then
npx audit-ci --pnpm --audit-level=high npx audit-ci --pnpm --audit-level=high --config ./audit-ci.jsonc
else else
npx audit-ci --npm --audit-level=high npx audit-ci --npm --audit-level=high --config ./audit-ci.jsonc
fi fi