From 2871bf76e71ba7e5d849d0d84fbdb63ca017fe21 Mon Sep 17 00:00:00 2001
From: EddeCCC <eduard.schander@gmx.de>
Date: Fri, 29 Nov 2024 18:04:43 +0100
Subject: [PATCH] add automatic security check

---
 .github/workflows/security_check.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/security_check.yml

diff --git a/.github/workflows/security_check.yml b/.github/workflows/security_check.yml
new file mode 100644
index 0000000..7ebbcfd
--- /dev/null
+++ b/.github/workflows/security_check.yml
@@ -0,0 +1,25 @@
+name: Automatic Security Check
+
+on:
+#  schedule:
+#    - cron: "0 8 1,15 * *" # At 08:00 on day-of-month 1 and 15
+  push:
+
+jobs:
+  security-check:
+    name: Security Check
+    runs-on: ubuntu-latest
+    container:
+      image: node:16.17
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install dependencies
+        run: yarn install
+      - name: Run yarn audit
+        run: yarn audit --no-color > .yarn-audit
+      - name: Upload report
+        uses: actions/upload-artifact@v3
+        with:
+          name: yarn-audit-report
+          path: .yarn-audit