typicode/json-server

2 workflows · maturity 17% · 2 patterns · GitHub ↗

Security 19.17/100

Practices

○ Matrix✓ Permissions○ Security scan○ AI review○ Cache○ Concurrency○ Reusable workflows

Detected patterns

container-signingleast-privilege-permissions

Security dimensions

permissions
12.5
security scan
0
supply chain
6.7
secret handling
0
harden runner
0

Workflows (2)

node.js .github/workflows/node.js.yml
Triggers
push
Runs on
ubuntu-latest
Jobs
build
Actions
pnpm/action-setup
Commands
  • pnpm install
  • pnpm run lint
  • pnpm run typecheck
  • pnpm test
View raw YAML 
name: Node.js CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: pnpm/action-setup@v4
        with:
          version: 10
      - uses: actions/setup-node@v6
        with:
          node-version: "22.x"
          cache: "pnpm"
      - run: pnpm install
      - run: pnpm run lint
      - run: pnpm run typecheck
      - run: pnpm test
publish perms .github/workflows/publish.yml
Triggers
release
Runs on
ubuntu-latest
Jobs
build
Actions
pnpm/action-setup
Commands
  • pnpm install
  • pnpm publish --provenance --access public --no-git-checks --tag latest
View raw YAML 
name: Publish Package to npmjs
on:
  release:
    types: [published]
permissions:
  id-token: write  # Required for OIDC
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    steps:
      - uses: actions/checkout@v6
      - uses: pnpm/action-setup@v4
        with:
          version: 10
      - uses: actions/setup-node@v6
        with:
          node-version: "24.x"
          registry-url: "https://registry.npmjs.org"
      - run: pnpm install
      - run: pnpm publish --provenance --access public --no-git-checks --tag latest