Add malicious package checking (Shai-Halud only) to website CI/CD test script (#36438)

Mike McNeil 2025-12-01 15:04:10 -06:00 committed by GitHub
parent ec71fb814e
commit c0b3517f75
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -66,5 +66,13 @@ jobs:
# Run sanity checks
- run: cd website/ && npm test
# Scan for malicious packages
# - name: Security Scan with Shai-Hulud Detector
# run: |
# git clone https://github.com/Cobenian/shai-hulud-detect
# cd shai-hulud-detect
# chmod +x shai-hulud-detector.sh
# # ./shai-hulud-detector.sh --paranoid ../ # Pipeline will automatically fail on exit codes 1 or 2
# Compile assets
- run: cd website/ && BUILD_SCRIPT_ARGS="--githubAccessToken=${{ secrets.FLEET_GITHUB_TOKEN_FOR_WEBSITE_TEST }}" npm run build-for-prod
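Review bot: The scan step added after `npm test` is entirely commented out, and the `./shai-hulud-detector.sh --paranoid ../` line is commented a second time inside it, so the workflow gains no active check despite the commit title; a one-line comment above the step saying why it is disabled and what has to happen before it is enabled would keep it from being read as live protection. Once enabled, `git clone https://github.com/Cobenian/shai-hulud-detect` would fetch whatever the default branch holds at run time and execute it in the same workspace that the following `build-for-prod` step uses with `FLEET_GITHUB_TOKEN_FOR_WEBSITE_TEST`, so the checkout should be pinned to a reviewed revision, e.g. `git -C shai-hulud-detect checkout <REVIEWED_COMMIT_SHA>` right after the clone. The step also sits after `npm test`, so dependency lifecycle scripts have presumably already run (the install step is outside this hunk) by the time the scan would execute. Running the scan before dependencies are installed would let it block a bad package rather than report it afterwards.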