[FEAT] Automate NPM Dependency Upgrades and PR Creation Workflow #205
Assignees
Comments
|
Can i work on this ? |
|
Sure, go ahead |
cb7chaitanya
changed the title
|
We currently have a mechanism in place to check for outdated dependencies via npm outdated and notify the team if updates are available (implemented in trivy.yml). While this is useful, it requires manual intervention to update dependencies. To streamline the process and reduce human intervention, we need to enhance the current workflow to automatically create a pull request (PR) when new versions of dependencies are available. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Set up a CI workflow that runs npm audit on every pull request to identify vulnerabilities in dependencies and ensure secure libraries are being used.
The text was updated successfully, but these errors were encountered: