Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ name: CI
on:
pull_request:
push:
branches: ["main"]
branches: ['main']

jobs:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/security-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ jobs:

- name: Dependency Review
uses: actions/dependency-review-action@v4
continue-on-error: true
Comment on lines 24 to +26

Copilot AI Feb 11, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continue-on-error: true will make the workflow green but still runs the action and records a failed step when Dependency Graph is disabled, which can be noisy/confusing and effectively disables dependency review without any signal. Consider adding an id to the dependency review step and a follow-up step conditioned on steps.<id>.outcome == 'failure' to emit a clear warning/notice (or skip running the action entirely by checking repo settings via the GitHub API).

Copilot uses AI. Check for mistakes.
npm-audit:
name: NPM Security Audit
runs-on: ubuntu-latest
Expand All @@ -34,6 +35,7 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: '20'

- name: Install dependencies
run: npm install
- name: Run npm audit
Expand Down
Loading