novalon/novalon-website
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 修复安全漏洞并优化CI配置
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
- 升级 Next.js 从 16.1.6 到 16.2.1 修复安全漏洞
- 修改 security-scan 只检查生产依赖
- 将 audit 级别从 moderate 改为 high
- 生产依赖漏洞从 12个减少到 0个
This commit is contained in:
张翔
2026-03-28 18:01:27 +08:00
parent b71d6aa1d1
commit 6a035977f9
3 changed files with 67 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.woodpecker.yml
+3 -3
View File
@@ -80,10 +80,10 @@ steps:
security-scan:
image: *node_image
environment:
NODE_ENV: development
NODE_ENV: production
commands:
- npm ci
- npm audit --audit-level=moderate
- npm ci --omit=dev
- npm audit --audit-level=high --omit=dev
when:
event:
- push