forked from oke-py/npm-audit-action
action.yml
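# Action manifest: declares the inputs, outputs and runtime of a wrapper
# around `yarn npm audit`. The code that runs is the bundle named under
# `runs.main`; this file only describes its interface.
name: 'yarn npm audit action'
description: 'run yarn npm audit'
author: 'basal-luke <luke@basal.dev>'
inputs:
  # Action inputs reach the code as strings, so every default below is a
  # quoted string rather than a YAML boolean or bare word.
  severity_level:
    description: 'The value of `--severity` flag'
    default: 'low'
    required: false
  create_issues:
    description: 'Flag to create issues when vulnerabilities are found'
    default: 'true'
    required: false
  create_pr_comments:
    description: 'Flag to create pr comments when vulnerabilities are found'
    default: 'true'
    required: false
  dedupe_issues:
    description: 'Flag to de-dupe against open issues'
    default: 'false'
    required: false
  # The default serialises the whole `github` context. That object carries
  # `github.token` and the triggering event payload, whose fields (titles,
  # bodies, branch names) can be attacker-controlled on pull requests.
  # NOTE(review): confirm dist/index.js reads only the fields it needs and
  # never logs this value or echoes it into issues or comments.
  github_context:
    description: 'The `github` context'
    default: '${{ toJson(github) }}'
    required: false
  # The only required input, and a credential.
  # NOTE(review): presumably used for the issue and PR-comment features
  # above. Callers should scope the workflow token with `permissions:`
  # (likely `issues: write` and `pull-requests: write`) instead of passing a
  # broad personal access token. Confirm the scopes the bundle really needs.
  github_token:
    description: 'GitHub Access Token.'
    required: true
  issue_assignees:
    description: 'Issue assignees (separated by comma)'
    required: false
  issue_labels:
    description: 'Issue labels (separated by comma)'
    required: false
  issue_title:
    description: 'Issue title'
    default: 'npm audit found vulnerabilities'
    required: false
  json_flag:
    description: 'Run `yarn npm audit` with `--json`'
    default: 'false'
    required: false
  production_flag:
    description: 'Run `yarn npm audit` with `--environment=production`'
    default: 'false'
    required: false
  recursive_flag:
    description: 'Run `yarn npm audit` with `--recursive`'
    default: 'false'
    required: false
  # No default is declared.
  # NOTE(review): what the bundle does when this is unset is not visible
  # here. Verify against dist/index.js.
  working_directory:
    description: 'The directory which contains package.json'
    required: false
outputs:
  npm_audit:
    description: 'The output of the npm audit report in a text format'
runs:
  # NOTE(review): GitHub has deprecated the node16 runtime for JavaScript
  # actions. Confirm the bundle runs on a supported runtime before changing
  # `using`.
  using: 'node16'
  # Prebuilt bundle. This, not the reviewed source, is what executes with the
  # token above. NOTE(review): verify it is rebuilt from the audited source.
  main: 'dist/index.js'
branding:
  icon: 'search'
  color: 'orange'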