Skip to content

chore: fixed axios vulnerability by upgrading to 1.7.4 #202

chore: fixed axios vulnerability by upgrading to 1.7.4

chore: fixed axios vulnerability by upgrading to 1.7.4 #202

Workflow file for this run

name: NPM Audit Check
on:
push:
branches: [ main ]
pull_request:
jobs:
audit:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
node-version: [18.x, 16.x, 14.x]
steps:
- name: Checkout cli repo
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
- run: make install
- name: Run audit check
run: npm audit --audit-level=moderate --production
# minimum vulnerability level that will cause the command to fail
# audit reports with low severity would pass the test
notify-complete-fail:
if: ${{ failure() && github.ref == 'refs/heads/main' && github.event_name != 'pull_request' }}
needs: [ audit ]
name: Notify Npm Audit Failed
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Slack Notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.ALERT_SLACK_WEB_HOOK }}
SLACK_COLOR: 'danger'
SLACK_USERNAME: CLI Github Actions
SLACK_MSG_AUTHOR: twilio-dx
SLACK_ICON_EMOJI: ':github:'
SLACK_TITLE: "Twilio Cli"
SLACK_MESSAGE: 'Cli audit test failed'
MSG_MINIMAL: actions url
SLACK_FOOTER: Posted automatically using GitHub Actions