Skip to content

[#4186]: Automate audit updates through CI #4207

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
evenstensberg wants to merge 2 commits into
base: develop
Choose a base branch
from
Draft

[#4186]: Automate audit updates through CI #4207

evenstensberg wants to merge 2 commits into from
+192 −19

Conversation

@evenstensberg
Copy link
Contributor

@evenstensberg evenstensberg commented Jan 22, 2026
edited
Loading

Summary of the changes

Superseeds #4200

Refactors some logic to let scripts update a single set of expired ghsa's. Please note that this logic could seem rather complex, I tried to make it more approachable, but in the end the complexity needs to be this if we need to keep logic for auditing all vulnerabilities, fail-fast and single-vulnerability updates.

Related issue

#4186

Checklist

General

  • Changes to docs package checked and committed.
  • All acceptance criteria reviewed and met.

Testing

  • Relevant unit tests and visual regression tests added.
  • Visual testing against Figma component specification completed.
  • Playground stories in React Storybook up to date, with any prop changes and additions addressed.
  • Compare performance of modified components against develop using Performance addon in React Storybook.

Accessibility

  • Accessibility Insights FastPass performed.
  • A11y unit test added and yields no issues.
  • A11y plug-in on Storybook yields no issues.
  • Manual screen reader testing performed using NVDA and VoiceOver.
  • Manual keyboard testing for keyboard controls and logical focus order.
  • Correct roles used and ARIA attributes used correctly where required.
  • Logical heading structure is maintained, and the HTML elements used for headings can be changed to fit within the wider page structure.

Resize/zoom behaviour

  • Page can be zoomed to 400% with no loss of content.
  • Screen magnifier used with no issues.
  • Text resized to 200% with no loss of content.
  • Text spacing increased as per the WCAG 1.4.12 success criterion with no loss of content.

System modes

  • Browser setting 'prefers reduced motion' tested. No animations or motion visible whilst this setting is on.
  • Windows High Contrast mode tested with no loss of content.
  • System light and dark mode tested with no loss of content.
  • Browser support tested (Chrome, Safari, Firefox and Edge).

Testing content extremes

  • Min/max content examples tested with no loss of content or overflow.
  • All prop combinations work without issue.
  • Tested for FOUC (Flash of Unstyled Content) in both SSR (Server-Side Rendering) and SSG (Static Site Generation) settings.
  • Controlled and uncontrolled input components tested.
  • Props/slots can be updated after initial render.

@evenstensberg evenstensberg marked this pull request as ready for review January 22, 2026 20:52
@evenstensberg evenstensberg changed the title Automate audit ci [#4186]: Automate audit updates through CI Jan 22, 2026
evenstensberg
evenstensberg commented Jan 22, 2026
View reviewed changes
.github/workflows/update-audits.yml
@@ -0,0 +1,98 @@
name: Poll for new audit fixes
Copy link
Contributor Author

@evenstensberg evenstensberg Jan 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The team should manually comb through this workflow and make appropriate changes, this is just a draft generated through ChatGPT:

@evenstensberg evenstensberg mentioned this pull request Jan 28, 2026
Open
@evenstensberg evenstensberg marked this pull request as draft January 28, 2026 19:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@evenstensberg