diff --git a/.github/workflows/cve-scanning-node.yml b/.github/workflows/cve-scanning-node.yml index cd434a76..5ef0b4f5 100644 --- a/.github/workflows/cve-scanning-node.yml +++ b/.github/workflows/cve-scanning-node.yml @@ -20,5 +20,7 @@ jobs: uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} - - run: npm ci --prod + - run: npm config set package-lock false + # TODO - this is ignoring package-lock.json + - run: npm install --prod - run: npx --yes auditjs ossi --whitelist allow-list.json \ No newline at end of file