Skip to content
This repository has been archived by the owner on Oct 26, 2022. It is now read-only.

Requires 2FA for publishing an npm org’s packages.

License

Notifications You must be signed in to change notification settings

smockle-archive/action-package-audit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

action-package-audit

Requires 2FA for publishing an npm org’s packages.

Environment Variables

NPM_TOKEN

Required A token to authenticate with the npm registry. An read-only token should be provided, not an automation or publish token.

PACKAGE_AUDIT_ORG

Required The npm org to audit. For example, "smockle".

PACKAGE_AUDIT_EXCEPTIONS

Optional A space-delimited list of npm packages which should not require 2FA for publishing. For example, "@smockle/contrast @smockle/periodic".

Example usage

- name: Package Audit
  uses: smockle/action-package-audit@main
  env:
    NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
    PACKAGE_AUDIT_ORG: "smockle"
    PACKAGE_AUDIT_EXCEPTIONS: "@smockle/contrast @smockle/periodic"

About

Requires 2FA for publishing an npm org’s packages.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published