7070 with :
7171 path : results.md
7272 trim : true
73+ # Run npm audit and npm list to build up additional report explanations
74+ - name : Generate npm audit and list report
75+ id : audit_list_report
76+ uses : ./.github/actions/npm-audit-list
77+ continue-on-error : true # this action may not exist in the repo yet...
7378 - name : Find the most recent OSV issue
7479 env :
7580 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
@@ -86,19 +91,19 @@ jobs:
8691 ISSUE_BODY : ${{ steps.results.outputs.content }}
8792 LATEST_ISSUE : ${{ steps.latest_issue.outputs.content }}
8893 run : |
89- gh issue edit ${LATEST_ISSUE} --title "Vulnerabilities as of ${NOW}" --body "${ISSUE_BODY}"
94+ gh issue edit ${LATEST_ISSUE} --title "Vulnerabilities as of ${NOW}" --body "${ISSUE_BODY} ${{ steps.audit_list_report.outputs.result }} "
9095name : Close existing issue if no vulnerabilities
9196 if : ${{ steps.latest_issue.outputs.content != '' && contains(steps.results.outputs.content, 'No issues found') }}
9297 env :
9398 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
9499 LATEST_ISSUE : ${{ steps.latest_issue.outputs.content }}
95100 COMMENT : ${{ steps.results.outputs.content }}
96101 run : |
97- gh issue close ${LATEST_ISSUE} --comment "${COMMENT}"
102+ gh issue close ${LATEST_ISSUE} --comment "${COMMENT} ${{ steps.audit_list_report.outputs.result }} "
98103name : Create issue from results
99104 if : ${{ steps.latest_issue.outputs.content == '' && !contains(steps.results.outputs.content, 'No issues found') }}
100105 env :
101106 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
102107 ISSUE_BODY : ${{ steps.results.outputs.content }}
103108 run : |
104- gh issue create --title "Vulnerabilities as of ${NOW}" --body "${ISSUE_BODY}" --label OSV
109+ gh issue create --title "Vulnerabilities as of ${NOW}" --body "${ISSUE_BODY} ${{ steps.audit_list_report.outputs.result }} " --label OSV
0 commit comments