privilegedescalation/org
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
07c4b881f3ccd5dd657d34b665496080f8ae3552
org/.github/workflows
T
History
privilegedescalation-engineer[bot] 922b462195 fix(plugin-ci): use npm audit for both pnpm and npm repos (#92) 
The pnpm registry audit endpoint is retired (HTTP 410).

Fix: for pnpm repos, run 'npm install --package-lock-only --ignore-scripts --quiet --no-audit'
to generate a package-lock.json from pnpm-lock.yaml metadata, then run npm audit.
For npm repos, continue using npm audit directly.

Use --audit-level=moderate to fail only on high/critical vulnerabilities,
not moderate ones, reducing noise from transitive dependencies.

Co-authored-by: Hugh Hackman <hugh@privilegedescalation>
Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-04-15 01:56:15 +00:00
..
ci-health-check.yaml
ci: upgrade GitHub Actions to Node.js 24-compatible versions
2026-03-24 16:10:18 +00:00
dual-approval-check.yaml
fix: make pr_number input optional in dual-approval-check
2026-03-25 13:04:52 +00:00
plugin-ci.yaml
fix(plugin-ci): use npm audit for both pnpm and npm repos (#92)
2026-04-15 01:56:15 +00:00
plugin-e2e.yaml
ci: add reusable plugin-e2e workflow
2026-03-24 23:28:53 +00:00
plugin-release.yaml
fix: install corepack before enabling pnpm on self-hosted runners
2026-04-14 23:55:11 +00:00
pr-validation.yaml
fix: update runner label from local-ubuntu-latest to runners-privilegedescalation
2026-03-19 20:11:51 +00:00