Skip to content

NuGet vulnerabilities #1067

NuGet vulnerabilities

NuGet vulnerabilities #1067

name: NuGet vulnerabilities
on:
schedule:
- cron: "0 0 * * 1-5"
push:
branches: [ master ]
paths-ignore:
- '**.md'
pull_request:
branches: [ master ]
paths-ignore:
- '**.md'
env:
DOTNET_NOLOGO: true
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true
jobs:
nuget-vulnerabilities:
name: NuGet vulnerabilities
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4.1.7
- uses: actions/setup-dotnet@v4.0.1
- run: dotnet restore
- name: Check vulnerable packages
id: packages
run: |
packages=$(dotnet list package --include-transitive --vulnerable)
echo "PACKAGES<<EOF" >> $GITHUB_ENV
echo "$packages" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "$packages"
- name: Found vulnerable packages
run: exit 1
if: ${{ contains(env.PACKAGES, 'has the following vulnerable packages') }}