DMED-119 - Spike: direktes Einbinden der edu-sharing-Suchumgebung in den "Lern-Store" der SVS #13041

	name: Security Audit

	on:
	pull_request:
	paths:
	- "package.json"
	- "package-lock.json"

	permissions:
	contents: read

	jobs:
	PROD:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: npm audit prod
	run: npm audit --production --audit-level=low
	DEV:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: npm audit dev
	# --only=dev currently does not work: https://npm.community/t/npm-audit-without-fix-ignores-only-prod/3959/7
	run: npm audit --only=dev --audit-level=moderate

Provide feedback