.github/workflows/test_audit.yml

name: NPM Audits

# Runs NPM audits when pushing to release branches
# Forces you to fix all vulnerabilities

on: 
  push:
    branches:
      - release
  
  pull_request:
    branches:
      - release


jobs:
  backend:
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v3

      - name: setup node
        uses: actions/setup-node@v3
        with:
          node-version: '16.x'

      - name: cache dependencies
        uses: actions/cache@v3
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      - run: cd backend && npm ci --force
      - run: cd backend && npm audit --production
  app:
    runs-on: ubuntu-latest
    steps:
    - name: checkout
      uses: actions/checkout@v3
    - name: setup node
      uses: actions/setup-node@v3
      with:
        node-version: '16.x'
    - name: cache dependencies
      uses: actions/cache@v3
      with:
        path: ~/.npm
        key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
        restore-keys: |
          ${{ runner.os }}-node-
     
    - name: open app folder and install node modules
      run: cd app && npm ci --force
    - name: open app folder and check for vulnerabilities
      run: cd app && npm audit --production