/npm-audit-fix-action

[WIP] GitHub Action that opens a pull request following an npm audit fix

Primary LanguageJavaScript

npm-audit-fix-action

[WIP] GitHub Action that opens a pull request following an npm audit fix --force



Screenshot of the Action creating a new pull request

Still todo

  • Figure out how to best test Actions
  • Smarter logic around when --force should be used (if at all)
  • It runs npm audit, checks the sum vulnerabilities, then npm audit fix needed - could that be optimized to one command?