Merge pull request #1717 from finos/TheJuanAndOnly99-patch-2

kriswest · web-flow · commit 92016b208ee5 · 2025-12-10T16:31:50.000Z
Configure environment variables for CVE scanning
diff --git a/.github/workflows/cve-scanning.yml b/.github/workflows/cve-scanning.yml
@@ -44,8 +44,14 @@ jobs:
         working-directory: website
 
       - run: npx --yes auditjs ossi --whitelist allow-list.json
+        env:
+          OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }}
+          OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_TOKEN }}
         if: success() || failure()
         
       - run: npx --yes auditjs ossi --whitelist ../allow-list.json
         working-directory: website
+        env:
+          OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }}
+          OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_TOKEN }}
         if: success() || failure()
