name: security-scanning

on:
  push:
  workflow_dispatch:

jobs:
  audit:
    runs-on: debian

    steps:
      - name: Clone repository
        run: |
          rm -rf repo
          git clone https://gitea.bubuit.net/oib/aitbc.git repo

      - name: Verify repository context
        working-directory: repo
        run: |
          echo "PWD:"
          pwd
          echo "FILES:"
          ls -la

      - name: Install dependencies
        working-directory: repo
        run: npm install

      - name: Audit dependencies
        working-directory: repo
        run: npm audit || true

      - name: Security scan
        working-directory: repo
        run: npm audit --audit-level moderate || true