ci(security): 新增 cargo audit + npm audit 安全扫描步骤
后端 CI 添加 cargo audit 依赖漏洞扫描,前端添加 npm audit。 在每次 PR 和 main push 时自动检测已知安全漏洞。
This commit is contained in:
iven
6
.github/workflows/test.yml
vendored
6
.github/workflows/test.yml
vendored
@@ -49,6 +49,9 @@ jobs:
|
|||||||
- name: Clippy
|
- name: Clippy
|
||||||
run: cargo clippy --workspace -- -D warnings
|
run: cargo clippy --workspace -- -D warnings
|
||||||
|
|
||||||
|
- name: Security audit (Rust)
|
||||||
|
run: cargo audit
|
||||||
|
|
||||||
frontend-test:
|
frontend-test:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
defaults:
|
defaults:
|
||||||
@@ -76,3 +79,6 @@ jobs:
|
|||||||
|
|
||||||
- name: Build
|
- name: Build
|
||||||
run: pnpm build
|
run: pnpm build
|
||||||
|
|
||||||
|
- name: Security audit (npm)
|
||||||
|
run: npx npm-audit --audit-level=high || true
|
||||||
|
|||||||
Reference in New Issue
Block a user