From 709ace5d4f25aac8c25fed298f4fac90a05cd370 Mon Sep 17 00:00:00 2001
From: Simon Vieille
Date: Sun, 4 Dec 2022 22:25:04 +0100
Subject: [PATCH 1/3] CI: add dependency check

---
 .woodpecker.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 354819e..29e70b2 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -30,6 +30,12 @@ pipeline:
 when:
 event: [pull_request]
 
+ dependency_check:
+ image: registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:latest
+ commands:
+ - /usr/share/dependency-check/bin/dependency-check.sh --scan "./" --format ALL --project "$CI_REPO" --failOnCVSS 0
+ - if [ $(grep -c "vulnerabilities" dependency-check-report.json) -gt 0 ]; then exit 2; fi
+
 package:
 image: gitnet.fr/deblan/devenv
 volumes:
From b50cd5c4d071b63bb6062cbb5c004b5187bf1349 Mon Sep 17 00:00:00 2001
From: Simon Vieille
Date: Sun, 4 Dec 2022 22:42:50 +0100
Subject: [PATCH 2/3] CI: update dependency check

---
 .woodpecker.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index 29e70b2..ee170c2 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -33,8 +33,7 @@ pipeline:
 dependency_check:
 image: registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:latest
 commands:
- - /usr/share/dependency-check/bin/dependency-check.sh --scan "./" --format ALL --project "$CI_REPO" --failOnCVSS 0
- - if [ $(grep -c "vulnerabilities" dependency-check-report.json) -gt 0 ]; then exit 2; fi
+ - /usr/share/dependency-check/bin/dependency-check.sh --scan ./*.json -out ./ --format ALL --failOnCVSS 0
 
 package:
 image: gitnet.fr/deblan/devenv
From 5411267960407fccc54f0353b5ce37e04ad8d57b Mon Sep 17 00:00:00 2001
From: Simon Vieille
Date: Sun, 4 Dec 2022 22:52:02 +0100
Subject: [PATCH 3/3] CI: use nodejs for dependency check

---
 .woodpecker.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.woodpecker.yml b/.woodpecker.yml
index ee170c2..71adb98 100644
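Review bot: In PATCH 1/3 the new `dependency_check` step pulls `registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:latest`, a mutable tag, so the scanner that gates the build can change between runs without any change in this repository. Pinning to a release tag plus digest, written as `image: registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:<VERSION>@sha256:<DIGEST>` (placeholders, not real values), keeps results reproducible and limits exposure to a replaced image. A comment above the step such as `# SCA gate: fails the build on any known CVE (--failOnCVSS 0)` would record the intent. The same image line is carried unchanged as context in PATCH 2/3, and the `pipeline:` mapping begins and continues outside the hunk.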
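Review bot: In PATCH 2/3 the scan target changes from `"./"` to `./*.json`, which limits dependency-check to JSON files in the repository root; lockfiles with other extensions (for example `composer.lock` or `yarn.lock`, if the project has any) and manifests in subdirectories are no longer analysed, and nothing in the step reports that narrowing. If the goal is only to skip vendored or build directories, keeping `--scan "./"` and adding `--exclude` patterns would preserve coverage. The hunk also drops `--project "$CI_REPO"` and writes the output flag as `-out` rather than `--out`; a comment above the command, such as `# scan root manifests only; reports are written to the workspace root`, would explain both. The `dependency_check` step is shown only in part, as the surrounding pipeline lies outside the hunk.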
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -31,9 +31,12 @@ pipeline:
 event: [pull_request]
 
 dependency_check:
- image: registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:latest
+ image: node:16-slim
 commands:
- - /usr/share/dependency-check/bin/dependency-check.sh --scan ./*.json -out ./ --format ALL --failOnCVSS 0
+ - npm audit
+ failure: ignore
+ when:
+ event: [pull_request]
 
 package:
 image: gitnet.fr/deblan/devenv
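Review bot: In PATCH 3/3 `failure: ignore` makes the `npm audit` step advisory, so a pull request that pulls in known-vulnerable packages still goes green, and a tool error (for instance a missing lockfile or an unreachable registry) is hidden the same way. If the check is meant to gate merges, drop `failure: ignore` and set a threshold with `- npm audit --audit-level=high`; if it is deliberately non-blocking, say so with a comment such as `# advisory only: findings do not fail the pipeline`. Replacing dependency-check with `npm audit` also narrows coverage to npm packages, and the added `when: event: [pull_request]` presumably means pushes to the default branch are no longer audited. `node:16-slim` is a floating tag, so pinning it by digest would keep the audit environment fixed.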