From b91297b5684f8515925346657f80d91b20fdfa12 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 10:33:07 +0100
Subject: [PATCH 1/6] adding dependency-review-action to github actions ci job
---
 .github/workflows/ci.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 43d34f3..6fcbe1f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -48,3 +48,9 @@ jobs:
 -Dsonar.issue.ignore.multicriteria.e2.resourceKey=**/docker/scripts/load-dummy-data.sh
 -Dsonar.issue.ignore.multicriteria.e3.ruleKey=secrets:S2068
 -Dsonar.issue.ignore.multicriteria.e3.resourceKey=**/docker/.env
+
+ - name: Dependency Review
+ uses: actions/dependency-review-action@v4
+ with:
+ fail-on-severity: moderate
+ comment-summary-in-pr: always
\ No newline at end of file
From 2af3ebba9f7ca2fc1bec32ff5a4534042f04cc69 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 10:36:58 +0100
Subject: [PATCH 2/6] filtering out push events, and only running on pr
---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6fcbe1f..dc890ab 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -50,6 +50,7 @@ jobs:
 -Dsonar.issue.ignore.multicriteria.e3.resourceKey=**/docker/.env
 
 - name: Dependency Review
+ if: github.event_name == 'pull_request'
 uses: actions/dependency-review-action@v4
 with:
 fail-on-severity: moderate
From 147bba222fbabd1e47f8cf766bb285f851edc529 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 10:41:40 +0100
Subject: [PATCH 3/6] adding dependency review action to allow packages
---
 .github/workflows/ci.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index dc890ab..7ac5436 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
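Review bot: The new step pins `actions/dependency-review-action@v4` to a mutable major tag, so the code that runs in CI changes whenever that tag is moved; pin it to a full-length commit SHA with the version kept as a trailing comment, `uses: actions/dependency-review-action@<full commit SHA> # v4`, and let Dependabot or Renovate bump it. `comment-summary-in-pr: always` also needs the job's token to carry `pull-requests: write`, and the action itself needs `contents: read`; the job's `permissions` block is outside this hunk, so that should be confirmed, and if the workflow still relies on the default token this is the moment to scope it down to exactly those two. The step is appended after the Sonar arguments that close the previous step, so the enclosing job starts outside the hunk.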
@@ -54,4 +54,5 @@ jobs:
 uses: actions/dependency-review-action@v4
 with:
 fail-on-severity: moderate
- comment-summary-in-pr: always
\ No newline at end of file
+ comment-summary-in-pr: always
+ allow-packages: actions/dependency-review-action
\ No newline at end of file
From a2801d29ea06229cb045ca31ab1251ca3d0f95a3 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 10:46:31 +0100
Subject: [PATCH 4/6] taking out the dependency checker filter
---
 .github/workflows/ci.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7ac5436..dc890ab 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -54,5 +54,4 @@ jobs:
 uses: actions/dependency-review-action@v4
 with:
 fail-on-severity: moderate
- comment-summary-in-pr: always
- allow-packages: actions/dependency-review-action
\ No newline at end of file
+ comment-summary-in-pr: always
\ No newline at end of file
From 19d3e18eecf86dc21e00e973f87c10f9585cd2c8 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 10:56:16 +0100
Subject: [PATCH 5/6] adding .npmrc file
---
 .npmrc | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 .npmrc
diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..8812750
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,4 @@
+save-exact=true
+ignore-scripts=true
+min-release-age=7
+ignore-scripts=true
From 31244d89225fb43cad44983ffd7f091ad544851e Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Fri, 15 May 2026 12:51:49 +0100
Subject: [PATCH 6/6] removing duplicate ignore scripts
---
 .npmrc | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.npmrc b/.npmrc
index 8812750..97de5ae 100644
--- a/.npmrc
+++ b/.npmrc
@@ -1,4 +1,3 @@
 save-exact=true
 ignore-scripts=true
 min-release-age=7
-ignore-scripts=true
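Review bot: The value given to `allow-packages` on the added line, `actions/dependency-review-action`, is not a package-url, and the action's package inputs are documented as lists of purls in the `pkg:<type>/<name>@<version>` form; I also cannot place `allow-packages` among the inputs I know this action to accept (`deny-packages`, `allow-ghsas`), and an unrecognised `with:` key only produces a runner warning, so the line would have been silently ineffective either way. The next commit in the series removes it again, so the only thing to carry forward is that any future package exemption must use the `pkg:` form and should be justified in a comment beside it, since exemptions bypass `fail-on-severity` for that package. The enclosing step and job start outside the hunk.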
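Review bot: The new `.npmrc` gives no reason for any of its three settings, and `.npmrc` accepts `#` comments, so I would put one line above each: `# save-exact: write exact versions to package.json so installs do not float`, `# ignore-scripts: block install lifecycle scripts from dependencies (also skips this project's own pre/post and prepare scripts)`, `# min-release-age: refuse package versions published more recently than this threshold`. `min-release-age` is only honoured by npm releases that implement it; an older npm on the CI runner merely warns about an unknown config key and installs without the delay, so the runner's npm version should be checked or pinned (for example via `engines` or `packageManager` in package.json) rather than assumed, and the unit of the value stated in the comment once confirmed against that version's documentation. The duplicated `ignore-scripts=true` is dealt with by the last commit in the series.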