Added check for vulnerable packages to GitHub Actions

elmahio · May 3, 2024 · 45d81dc · 45d81dc
1 parent 90d7197
commit 45d81dc
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/.github/workflows/dotnet-core.yml b/.github/workflows/dotnet-core.yml
@@ -25,6 +25,20 @@ jobs:
     - name: Install dependencies
       run: dotnet restore
 
+    - name: Check for vulnerable packages
+      run: |
+        set -e # This will cause the script to exit on the first error
+        OUTPUT=$(dotnet list package --vulnerable)
+        echo "$OUTPUT"
+        if echo "$OUTPUT" | grep -q 'no vulnerable packages'; then
+          echo "No vulnerable packages found"
+        else
+          if echo "$OUTPUT" | grep -q 'vulnerable'; then
+            echo "Vulnerable packages found"
+            exit 1
+          fi
+        fi
+
     - name: Build
       run: dotnet build --configuration Release --no-restore