Skip to content

[StepSecurity] ci: Harden GitHub Actions #27

[StepSecurity] ci: Harden GitHub Actions

[StepSecurity] ci: Harden GitHub Actions #27

Workflow file for this run

# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
name: Node Tests
on: [push]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Node
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: 22
- name: Install Dependencies
run: |
if [ -f package-lock.json ]; then
npm ci
else
echo "No lock file. Skipping npm ci"
fi
- name: Run Tests
run: npm test