From 4fb59b2a50da0a4ecf1aa68e92b33cfda5202fd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=97=D0=B8=D0=BC=D0=B8=D0=BD=20=D0=90=D1=80=D1=82=D0=B5?= =?UTF-8?q?=D0=BC=20=D0=9D=D0=B8=D0=BA=D0=BE=D0=BB=D0=B0=D0=B5=D0=B2=D0=B8?= =?UTF-8?q?=D1=87?= <106737730+sanityFair@users.noreply.github.com>
Date: Mon, 20 Nov 2023 14:19:53 +0300
Subject: [PATCH] chore(workflows): add dependency review
---
.github/workflows/dependency-review.yml | 35 +++++++++++++++++++++++++
1 file changed, 35 insertions(+)
create mode 100644 .github/workflows/dependency-review.yml
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
new file mode 100644
index 00000000..2587c7a8
--- /dev/null
+++ b/.github/workflows/dependency-review.yml
@@ -0,0 +1,35 @@
+name: 'Dependency review'
+on:
+ pull_request:
+ paths:
+ - packages/arui-scripts/**
+
+permissions:
+ discussions: write
+ contents: read
+ pull-requests: write
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@v4
+ - name: Use Node.js 18.x
+ uses: actions/setup-node@v1
+ - name: Npm Install
+ run: |
+ npm install
+ working-directory: ./packages/arui-scripts
+ - name: Run Audit
+ id: audit
+ uses: oke-py/npm-audit-action@v2
+ with:
+ audit_level: critical
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ working_directory: ./packages/arui-scripts
+ issue_assignees: oke-py
+ issue_labels: vulnerability
+ - name: Auto approve
+ if: steps.audit.outcome == 'success'
+ uses: hmarr/auto-approve-action@v3
\ No newline at end of file
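Review bot: The final `Auto approve` step turns a clean `npm audit` at `audit_level: critical` into an approving review on every pull request that touches `packages/arui-scripts/**`, so a change carrying high-severity advisories, or one with no dependency change at all, is approved without a human reading it. If branch protection counts that approval, the review requirement is effectively bypassed for same-repository branches; I would remove the step and keep this workflow as a check only. The `Npm Install` step runs `npm install` on the pull request's dependency tree before the audit, with lifecycle scripts enabled in a job that requests `pull-requests: write`; `npm install --ignore-scripts` would avoid executing install scripts from packages the pull request introduces. `issue_assignees: oke-py` appears to be copied from the action's example and names the action's author rather than a maintainer here, `discussions: write` does not seem to be needed by any step shown, and `actions/setup-node@v1` is given no `node-version` even though the step is named "Use Node.js 18.x". The third-party actions are referenced by mutable tags (`@v2`, `@v3`) and would be safer pinned to commit SHAs.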