name: Security ยท npm audit on: schedule: # Each Monday at 07:00 UTC - cron: '0 7 * * 1' workflow_dispatch: jobs: audit: name: npm audit runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: '20' cache: 'npm' - name: Install dependencies run: npm ci - name: Run audit (fail on high/critical) run: npm audit --audit-level=high