From 8327cf59c56b5805459597e73866cf1054a57f61 Mon Sep 17 00:00:00 2001 From: Jon Griffiths Date: Mon, 29 Jan 2024 22:46:02 +1300 Subject: [PATCH] js: use "npm ci" instead of install for increased security --- .github/workflows/wasm-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/wasm-package.yml b/.github/workflows/wasm-package.yml index cecb75cc9..174e2b175 100644 --- a/.github/workflows/wasm-package.yml +++ b/.github/workflows/wasm-package.yml @@ -27,7 +27,7 @@ jobs: - run: sudo contrib/bullseye_deps.sh -j -n -w # Build NPM package into a tgz file (pack internally triggers the build/prepare script) - - run: cd src/wasm_package && npm install && npm pack --foreground-scripts + - run: cd src/wasm_package && npm ci && npm pack --foreground-scripts name: Build & Pack # Report the SHA256 digest of the final package. This should be deterministic (including generated WASM),