feat: Turborepo remote caching for all CI steps #1

Workflow file for this run

	name: Dependency Audit

	on:
	push:
	branches: [main, develop]
	pull_request:
	branches: [main, develop]
	schedule:
	- cron: '0 6 * * 1' # Weekly on Monday

	permissions:
	contents: read
	pull-requests: write

	jobs:
	npm-audit:
	name: pnpm audit
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: pnpm/action-setup@v4
	- uses: actions/setup-node@v4
	with:
	node-version: 22
	cache: pnpm
	- run: pnpm install --frozen-lockfile
	- name: Run pnpm audit
	id: npm_audit
	run: pnpm audit --audit-level=high 2>&1 \| tee /tmp/npm-audit.txt; exit ${PIPESTATUS[0]}
	continue-on-error: true
	- name: Post audit results as PR comment
	if: github.event_name == 'pull_request'
	uses: actions/github-script@v7
	with:
	script: \|
	const fs = require('fs');
	const output = fs.readFileSync('/tmp/npm-audit.txt', 'utf8');
	const status = '${{ steps.npm_audit.outcome }}' === 'success' ? '✅' : '❌';
	github.rest.issues.createComment({
	issue_number: context.issue.number,
	owner: context.repo.owner,
	repo: context.repo.repo,
	body: `### ${status} pnpm audit\n\`\`\`\n${output.slice(0, 6000)}\n\`\`\``
	});
	- name: Fail if audit found high/critical issues
	if: steps.npm_audit.outcome == 'failure'
	run: exit 1

	cargo-audit:
	name: cargo audit
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Install Rust toolchain
	uses: dtolnay/rust-toolchain@master
	with:
	toolchain: "1.85.0"
	- uses: Swatinem/rust-cache@v2
	with:
	workspaces: apps/contracts
	- name: Install cargo-audit
	run: cargo install cargo-audit --locked
	- name: Run cargo audit
	id: cargo_audit
	run: cargo audit 2>&1 \| tee /tmp/cargo-audit.txt; exit ${PIPESTATUS[0]}
	working-directory: apps/contracts
	continue-on-error: true
	- name: Post audit results as PR comment
	if: github.event_name == 'pull_request'
	uses: actions/github-script@v7
	with:
	script: \|
	const fs = require('fs');
	const output = fs.readFileSync('/tmp/cargo-audit.txt', 'utf8');
	const status = '${{ steps.cargo_audit.outcome }}' === 'success' ? '✅' : '❌';
	github.rest.issues.createComment({
	issue_number: context.issue.number,
	owner: context.repo.owner,
	repo: context.repo.repo,
	body: `### ${status} cargo audit\n\`\`\`\n${output.slice(0, 6000)}\n\`\`\``
	});
	- name: Fail if audit found vulnerabilities
	if: steps.cargo_audit.outcome == 'failure'
	run: exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Turborepo remote caching for all CI steps #1

Workflow file

feat: Turborepo remote caching for all CI steps #1

Uh oh!

Workflow file for this run