Added check for vulnerable packages to GitHub Actions

elmahio · May 3, 2024 · f9ea4ca · f9ea4ca
1 parent f8282d3
commit f9ea4ca
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -22,6 +22,19 @@ jobs:
           8.0.x
     - name: Install dependencies
       run: dotnet restore
+    - name: Check for vulnerable packages
+      run: |
+        set -e # This will cause the script to exit on the first error
+        OUTPUT=$(dotnet list src/Elmah.Io.Functions/Elmah.Io.Functions.csproj package --vulnerable)
+        echo "$OUTPUT"
+        if echo "$OUTPUT" | grep -q 'no vulnerable packages'; then
+          echo "No vulnerable packages found"
+        else
+          if echo "$OUTPUT" | grep -q 'vulnerable'; then
+            echo "Vulnerable packages found"
+            exit 1
+          fi
+        fi
     - name: Build
       run: dotnet build --configuration Release --no-restore
     - name: Test