From cc3613caf3d3003d55cb923c2b10cc54b224de57 Mon Sep 17 00:00:00 2001
From: hallvictoria <59299039+hallvictoria@users.noreply.github.com>
Date: Wed, 18 Dec 2024 11:22:11 -0600
Subject: [PATCH] Add build vulnerability scan (#317)

* run vulnerability scan + testing

* revert npm audit test

---------

Co-authored-by: Victoria Hall <victoria.hall@microsoft.com>
---
 azure-pipelines/templates/build.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/azure-pipelines/templates/build.yml b/azure-pipelines/templates/build.yml
index 63dd49b..2b8a464 100644
--- a/azure-pipelines/templates/build.yml
+++ b/azure-pipelines/templates/build.yml
@@ -16,6 +16,8 @@ jobs:
             displayName: 'Install Node.js'
           - script: npm ci
             displayName: 'npm ci'
+          - script: npm audit --production
+            displayName: 'Run vulnerability scan'
           - script: npm run updateVersion -- --buildNumber $(Build.BuildNumber)
             displayName: 'npm run updateVersion'
             condition: and(succeeded(), eq(${{ parameters.IsPrerelease }}, true))